US6247129B1 - Secure electronic commerce employing integrated circuit cards - Google Patents

Secure electronic commerce employing integrated circuit cards Download PDF

Info

Publication number
US6247129B1
US6247129B1 US09/037,745 US3774598A US6247129B1 US 6247129 B1 US6247129 B1 US 6247129B1 US 3774598 A US3774598 A US 3774598A US 6247129 B1 US6247129 B1 US 6247129B1
Authority
US
United States
Prior art keywords
integrated circuit
circuit card
card
computer
access device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
US09/037,745
Inventor
Kimberly Ann Keathley
Ann-Pin Chen
Nancy McCusker
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Visa International Service Association
Original Assignee
Visa International Service Association
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Visa International Service Association filed Critical Visa International Service Association
Priority to US09/037,745 priority Critical patent/US6247129B1/en
Assigned to VISA INTERNATIONAL SERVICE ASSOCIATION reassignment VISA INTERNATIONAL SERVICE ASSOCIATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MCCUSKER, NANCY, KEATHLEY, KIMBERLY ANN, CHEN, ANN-PIN
Application granted granted Critical
Publication of US6247129B1 publication Critical patent/US6247129B1/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor

Definitions

  • the present invention relates to electronic commerce and more particularly to systems and methods for using a network for electronic commerce.
  • the Internet is a new means by which consumers can access and purchase information, communicate and pay for services, and acquire and pay for goods. Because of the anonymous nature of communication networks, new methods and systems must be developed to substitute for existing procedures used in face-to-face or mail order/telephone order transactions. These methods and systems should provide confidential transmission, authentication of parties involved, and assurance of the integrity of payment instructions for goods and services.
  • the Secure Electronic Transaction (SET) Specification has been developed.
  • the SET protocol allows customers to make payment card transactions securely over the Internet.
  • transactions made using this protocol generally involve an initial cardholder registration process that requires account data to be entered manually (e.g., via a keyboard at the cardholder's personal computer (PC)).
  • the SET protocol supports several levels of security, some of which are only accessible if cardholder-related data is stored on the cardholder access device, generally limiting the availability of such security to the cardholder's own PC.
  • the use of SET does not allow the issuer to authenticate that a card was present or that the cardholder was genuine when authorizing payment transactions.
  • What is needed is a system that enhances transaction security over the Internet by verifying presence of a card while providing freedom to the user to initiate transactions from multiple card access devices.
  • cardholder authentication is provided by use of on-card symmetric cryptographic processing.
  • the cardholder thus need not be limited to performing transactions from any particular computer system.
  • Asymmetric cryptographic techniques are employed for communication of transaction data over the network.
  • a computer-implemented method for processing transactions over a network includes steps of: establishing a connection between a card access device coupled to the network and an integrated circuit card, transferring a cryptogram generation command comprising challenge data from the card access device to the integrated circuit card, in response to the cryptogram generation command, using the integrated circuit card to encrypt the challenge data to form a response, transferring the response from the integrated circuit card to the card access device, forming a payment instruction message at the card access device, the payment instruction message including the response, encrypting at least a portion of the payment instruction message using asymmetric cryptographic techniques.
  • a second embodiment of the present invention provides a computer program product for facilitating secure electronic commerce.
  • the product is for use with a computer coupled to a network and a card reading device.
  • the product includes: code for establishing a connection between the computer and an integrated circuit card in communication with the card reading device, code for transferring a cryptogram generation command comprising challenge data from the computer to the integrated circuit card, code for receiving a response to the cryptogram generation command from the integrated circuit card, code for forming a payment instruction message, the payment instruction message including the response, and a computer-readable medium for storing the codes.
  • a third embodiment of the present invention provides an integrated circuit card.
  • the integrated circuit card includes: an interface for receiving external commands and data, a symmetric cryptographic processor that encrypts a challenge value received via the interface to form a response to transmit via the interface, an asymmetric cryptographic processor that encrypts a value received from the interface using a private key unique to the integrated circuit card, and a memory storing the key and a certificate including a public key matching the private key unique to the integrated circuit card, the public key being signed by a private key of a certificate authority.
  • FIG. 1 depicts a general architecture for electronic commerce according to one embodiment of the present invention.
  • FIG. 2 depicts a computer system suitable for use with the present invention.
  • FIG. 3 depicts an integrated circuit card according to one embodiment of the present invention.
  • FIG. 4 is a top-level flowchart describing steps of transaction processing according to one embodiment of the present invention.
  • FIG. 1 depicts a general architecture for electronic commerce according to one embodiment of the present invention.
  • a cardholder employs a cardholder access device (CAD) 102 to order merchandise, services, or information from a merchant that operates a merchant server system 104 .
  • CAD 102 includes a card reading device 106 .
  • CAD 102 may be, for example, a cardholder's PC or a public kiosk.
  • Payment for the cardholder's order is arranged through a payment gateway 108 .
  • Payment gateway 108 in turn interacts with other computer systems such as an acquirer server 109 . These other computer systems are not shown.
  • Communication among merchant server 104 , payment gateway 108 , and CAD 102 is preferably through the Internet 110 .
  • a private connection is used between payment gateway 108 and acquirer server 109 .
  • Merchant server 104 is a system that interfaces with CAD 102 to offer goods or services in return for electronic payment. Merchant server 104 interfaces with payment gateway 108 to process electronic commerce transactions. Payment gateway 108 is a logical entity that provides electronic commerce services to the merchants in support an acquirer and interfaces to acquirer server 109 to support the authorization and capture of electronic commerce transactions. The acquirer is typically a financial institution that supports merchants by providing services for processing electronic transactions.
  • Acquirer server 109 in turn interacts with a card issuer 112 .
  • card issuer 112 helps authenticate a card inserted into integrated circuit card 106 .
  • Issuer 112 and payment gateway 108 preferably interact through a private network 114 rather than the Internet 110 .
  • interaction among CAD 102 , merchant server 104 , and payment gateway 108 is defined in part according to the SET Secure Electronic Transaction Specification (Version 1.0 May 31, 1997) published by Visa, the assignee of the present application, and MasterCard. This document will be referred to herein as the “SET Specification” and incorporated by reference for all purposes.
  • FIG. 2 depicts a computer system suitable for use with the present invention.
  • FIG. 2 shows basic subsystems of a computer system 200 suitable for use with the present invention.
  • Computer system 200 may represent the implementation of payment gateway 108 , merchant server 104 , or CAD 102 .
  • FIG. 2 shows basic subsystems of a computer system 200 suitable for use with the present invention.
  • Computer system 200 may represent the implementation of payment gateway 108 , merchant server 104 , or CAD 102 .
  • computer system 200 includes a bus 212 which interconnects major subsystems such as a central processor 214 , a system memory 216 , an input/output controller 218 , a CD-ROM player 220 operative to receive a CD-ROM 222 , a display screen 224 via a display adapter 226 , a serial port 228 , a keyboard 230 , a storage interface 231 connected to a fixed disk drive 232 , and a floppy disk drive 233 operative to receive a floppy disk 233 A.
  • Many other devices may be connected such as a mouse 236 connected to serial port 228 or a network interface 238 through another serial port 240 .
  • Source code to implement the present invention may be operably disposed in system memory 216 or stored on storage media such as fixed disk 232 or floppy disk 233 A, fixed disk 232 , or CD-ROM 232 .
  • card reading device 106 When computer system 200 implements a CAD, card reading device 106 is also connected as part of computer system 200 . Card reading device 106 may accept an integrated circuit card (ICC) 234 .
  • ICC integrated circuit card
  • FIG. 3 depicts ICC 234 according to one embodiment of the present invention.
  • ICC 234 Various mechanical and electrical characteristics of ICC 234 and aspects of its interaction with card reading device 106 are defined by the following specifications, all of which are herein incorporated by reference.
  • ICC 234 may provide the functionality of a credit card, debit card, ATM card, stored value card, identification card, etc.
  • ICC 234 includes electrical contacts 302 for receiving power and exchanging information with card reading device 106 .
  • a magnetic stripe 304 allows storage of information for reading by magnetic stripe readers.
  • An integrated circuit 306 includes a processor and memory for storing application information.
  • An embossing area 308 is available for imprinting the cardholder name, account number, and expiration date.
  • the combination of memory and processor preferably implements a symmetric cryptographic processor and in certain embodiments an asymmetric cryptographic processor.
  • the symmetric cryptographic processor preferably uses the DES algorithm to encrypt an externally generated value employing a symmetric key.
  • the asymmetric cryptographic processor preferably uses the RSA algorithm to encrypt an externally generated value employing a private asymmetric key.
  • the symmetric key and asymmetric key are preferably stored in memory so as to be inaccessible to external devices interacting with integrated circuit card 234 .
  • SET ensures the integrity and authenticity of cardholder account data transmitted through the Internet and does not require the use of an ICC or any physical payment card to initiate a purchase transaction.
  • SET defines the transmission of a digital signature from CAD 102 to merchant server 104 and payment gateway 108 to ensure that the data transmitted from the cardholder has not been changed. According to the present invention, this digital signature operation may be performed either by CAD 102 or by ICC 234 .
  • the SET protocol allows the transmission of a certificate chain to the merchant, validating a relationship between the cardholder and issuer. According to the present invention, this certificate chain, if used, may be stored either on CAD 102 or on ICC 234 .
  • cardholder certificates function as electronic representation of a payment card.
  • Each cardholder certificate is digitally signed by a financial institution using the private key of the financial institution.
  • the cardholder certificate includes the public signature key of the cardholder, and a hash of the cardholder's account information and secret value known to the SET software operating on CAD 102 . All of this data is signed with the private signature key of the financial institution.
  • This certificate is transmitted to merchants with purchase requests and encrypted payment instructions.
  • SET does not mandate the use of cardholder certificates but allows for their use to enhance security.
  • the cardholder certificate is verifiable through a hierarchy of trust.
  • the cardholder certificate is linked to a signature certificate of the entity, a cardholder certificate authority (CCA), that digitally signed the cardholder certificate.
  • the signature certificate of the CCA includes the public signature key of the CCA signed by geopolitical certificate authority (GCA) with its own private signature key.
  • GCA geopolitical certificate authority
  • the CCA certificate is linked to a GCA certificate which includes the public signature key of the GCA signed by the payment brand (e.g., Visa, MasterCard, etc.) with its private signature key.
  • the GCA certificate is linked to a payment brand certificate that includes the public signature key of the payment brand as signed by a root authority with its private signature key.
  • the payment brand certificate is in turn linked to a root authority certificate which includes the root's public signature key signed by the root's private key.
  • a GCA For each payment brand, there may be a GCA for each country.
  • a recipient of the cardholder certificate will be able to verify it using the public signature key of the CCA.
  • the public signature key of the CCA is verifiable by use of the public signature key of the GCA to decrypt the CCA certificate.
  • the public signature key of the GCA is verifiable by using the payment brand public key to decrypt the GCA certificate.
  • the payment brand public signature key is verifiable by using the root public signature key to decrypt the payment brand certificate.
  • SET provides for the certificate chain to be maintained on CAD 102 .
  • the certificate chain may also be stored on ICC 234 .
  • the present invention augments the protections provided by SET using on-line authorization by issuer 112 .
  • Integrated circuit card 234 generates an authorization request cryptogram (ARQC) which is used by issuer 112 to authenticate the card.
  • ARQC authorization request cryptogram
  • integrated circuit card 234 incorporates asymmetric cryptographic processing and stores a cardholder certificate and the chain of certificates leading from the cardholder certificate to the root.
  • integrated circuit card 234 does not incorporate asymmetric cryptographic processing and does not store the cardholder certificate and the other certificates of the chain.
  • a cardholder certificate and certificate chain are associated with integrated circuit but stored on CAD 102 which is capable of asymmetric cryptographic processing.
  • integrated circuit card 234 does not incorporate asymmetric cryptographic processing and does not store the cardholder certificate and the other certificates of the chain. Also, there is no cardholder certificate associated with this card and stored by CAD 102 .
  • FIG. 4 is a top-level flowchart describing steps of transaction processing according to one embodiment of the present invention.
  • the cardholder shops, e.g., by browsing through the merchant's website.
  • CAD 102 may be equipped with an HTTP-compatible browser to facilitate viewing catalog information stored on merchant server 104 .
  • the user has decided to purchase particular goods or services, he or she initiates a request, e.g., by selecting a link or screen button within the browser.
  • Merchant server 104 receives the request and responds by sending CAD 102 a merchant certificate and a payment gateway certificate at step 406 .
  • the merchant certificate includes the public key-exchange key of the merchant.
  • the payment gateway certificate includes the public key-exchange key of the payment gateway. These certificates are signed with the private keys of CCAs to which the merchant and payment gateway are assigned.
  • software on CAD 102 verifies the merchant and payment gateway certificates by traversing the certificate chain to the root key.
  • CAD 102 checks for the presence of integrated circuit card 234 in card reading device 106 . If integrated circuit card 234 is not present, further operation is in accordance with SET techniques at step 412 . If integrated circuit card 234 is present, processing proceeds to step 414 where CAD 102 selects the particular application on integrated circuit card 234 that incorporates the features of the present invention. According to the various EMV Specifications and the VIS Specification, integrated circuit card 234 may support multiple applications. If integrated circuit card 234 operates according to the VIS specification, the selected application is preferably a credit/debit application and there need not be a separate application defined for networked electronic commerce.
  • initial application processing functions are performed between CAD 102 and integrated circuit card 234 .
  • CAD 102 issues a command to integrated circuit card 234 to retrieve a list of files and records stored on the card and related to the selected application. This command also retrieves a list of functions supported by the selected application. This list will indicate whether integrated circuit card 234 supports cardholder verification.
  • CAD 102 sends a purchase initialization request to merchant server 104 in accordance with SET.
  • the purchase initialization request includes the brand of integrated circuit card 234 , e.g., “Visa.”
  • merchant server 104 sends a purchase initialization request response to CAD 102 .
  • the purchase initialization request response preferably includes a transaction identifier uniquely identifying the transaction among other data specified by SET.
  • CAD 102 retrieves the listed files and records associated with the selected application from integrated circuit card 234 .
  • the retrieved information includes the cardholder's personal account number (PAN) and expiration date.
  • PAN personal account number
  • CAD 102 reads the cardholder certificate and certificate chain from integrated circuit card 234 .
  • integrated circuit card 234 may also store a URL identifying a network address of the payment brand. CAD 102 retrieves this URL and accesses the identified network address to retrieve and display images identifying the card issuer and payment brand.
  • CAD 102 performs cardholder verification if this is supported by integrated circuit card 234 . Included in the files and records retrieved at step 418 is a list of cardholder verification methods supported by the card. The preferred method of cardholder verification is offline PIN processing. If CAD 102 also supports offline PIN processing, the cardholder is prompted for entry of his or her PIN. CAD 102 sends the entered PIN as cleartext to integrated circuit card 234 . Integrated circuit card 234 compares the entered PIN with a reference PIN and returns the results of the comparison to CAD 102 . CAD 102 records whether offline PIN processing was performed, whether a PIN was actually entered, and the results of the comparison to the reference PIN.
  • Step 422 begins an on-line authorization procedure where issuer 112 may verify the authenticity of integrated circuit card 234 .
  • CAD 102 requests generation of an authorization request cryptogram (ARQC) if PIN entry was successful, or an application authorization cryptogram (AAC) if PIN entry was not successful.
  • a request for an AAC is tantamount to declining the transaction.
  • the request for an ARQC or AAC includes variable data particular to the transaction, preferably including an amount authorized by the merchant, a transaction currency code previously supplied by the merchant, transaction date, and an unpredictable number.
  • integrated circuit card 234 In response to the request for an ARQC, integrated circuit card 234 preferably performs various card risk management functions including checking for previous authentication failures, PIN entry results, and other risk factors. If an AAC has been requested by CAD 102 or any of the risk factors are present, integrated circuit card 234 returns an AAC to CAD 102 . CAD 102 responds to the AAC by terminating the transaction. If an ARQC has been requested and integrated circuit card 234 previously successfully performed the PIN comparison, integrated circuit card 234 responds by returning an ARQC.
  • Both an ARQC and an AAC preferably include the variable data listed above encrypted with a symmetric key unique to integrated circuit card 234 .
  • the encryption algorithm is DES.
  • the ARQC is sent to issuer 112 for on-line authentication of the card. Receipt of an AAC by CAD 102 result in termination of the transaction.
  • the unpredictable number is formed by CAD 102 through the following process.
  • the transaction identifier which is preferably a 20 byte value is divided into five 4-byte blocks.
  • the first (leftmost) block is exclusive-ORed with the second block.
  • the result of this first exclusive OR operation is exclusive-ORed with the third block.
  • the result of the second exclusive OR operation is exclusive-ORed with the fourth block.
  • the result of the third exclusive OR operation is exclusive-ORed with the fifth (rightmost) block to form the unpredictable number.
  • CAD 102 formulates a purchase request to the merchant will depend on whether this is an Option 1, Option 2, or Option 3 system.
  • CAD 102 checks whether SET-related data including the cardholder certificate chain and a value known as the PAN secret are stored on integrated circuit card 234 indicating that the card is configured for Option 1.
  • the PAN secret is the result of exclusive-ORing an arbitrary number associated with the card with an arbitrary number associated with the issuer. If the card is configured for Option 1, formulation of the purchase request occurs at step 426 .
  • CAD 102 checks at step 428 to see if it has the cardholder certificate chain and PAN secret internally stored, indicating an Option 2 system. If this is an Option 2 system, the purchase request is formulated at step 430 . If the cardholder certificate chain and PAN secret are present on neither integrated circuit card 234 nor CAD 102 , this indicates an Option 3 system and the purchase request is formulated at step 432 .
  • a purchase request includes two parts, order information (OI) and payment instructions (PI).
  • OI order information
  • PI payment instructions
  • the OI identifies the order to the merchant.
  • the PI is not reviewed by the merchant but is instead forwarded to payment gateway 108 .
  • SET provides for generation of a dual signature for the OI and PI.
  • Message digests for both the OI and PI are generated and concatenated.
  • the message digest of the concatenation result is generated and encrypted using the cardholder private signature key to form a dual signature.
  • the PI is encrypted with a randomly generated symmetric key. This randomly generated symmetric key along with the cardholder's account information is encrypted with the private key-exchange key of the payment gateway.
  • the purchase request as sent to the merchant includes the encrypted PI and OI.
  • the purchase request also includes the cardholder certificate chain.
  • CAD 102 creates the PI and OI as defined by the SET Specification. Where the personal account number and expiration date would normally appear in the PI, CAD 102 includes a series of zeroes. CAD 102 forms a special data object including certain integrated circuit card-related data. This data includes the ARQC and the cleartext data encrypted within the ARQC including the unpredictable number. This special data object is embedded in the PI. All of the steps of generating the purchase request are performed by CAD 102 except for encrypting the message digest of the concatenation result using the cardholder private key. This step is performed by integrated circuit card 234 . In a preferred embodiment where integrated circuit card 234 conforms to the VIS specification, this encryption is performed using the INTERNAL AUTHENTICATE command included in the specification.
  • Option 2 processing at step 430 is the same as Option 1 processing at step 426 , except that all steps of forming the purchase request are now performed by CAD 102 including encrypting the message digest of the concatenation result using the cardholder private key.
  • CAD 102 creates the PI and OI as defined by the SET specification.
  • the integrated circuit card-related data is included with the PI.
  • no dual signature is created for the payment request.
  • CAD 102 sends the purchase request to merchant server 104 .
  • integrated circuit card 234 is no longer needed to complete the transaction and CAD 102 may prompt the cardholder to remove his or her card from card reading device 106 .
  • merchant server 104 processes the purchase request in accordance with SET. A portion of the purchase request is the PI which is forwarded to payment gateway 108 .
  • payment gateway 108 processes the PI.
  • Payment gateway 108 decrypts the PI using its private key-exchange key. After decrypting the PI, payment gateway 108 checks for the card-related data in the PI to determine if the purchase request involved use of an integrated circuit card. Once this has been verified, payment gateway 108 recalculates the unpredictable number from the transaction identifier and the merchant identifier it obtains from the ARQC. The result is compared with the unpredictable number transmitted within the PI. If there is no match, the transaction is rejected. The PAN and card expiration date are decrypted.
  • Payment gateway 108 sends issuer 112 via acquirer server 109 an authorization request that includes the data related to the payment transaction.
  • the authorization request also preferably includes information indicating whether or not SET certificates were used and whether these certificates were present on integrated circuit card 234 .
  • Issuer 112 is aware of the unique symmetric key of the cardholder and attempts to verify the ARQC from the cleartext information included in the integrated circuit card related data. Issuer 112 applies the unique cardholder key to symmetrically encrypt the cleartext information and obtain ARQC′. If ARQC′ matches ARQC, issuer 112 sends an authorization response message to payment gateway 108 indicating that the transaction is authorized by issuer 112 .
  • Payment gateway 108 responds to receipt of this authorization request message by sending an authorization message to merchant server 104 . Merchant server 104 may then fulfill the order.
  • the card authentication operation of user 118 provides security that enhances or substitutes for the protection offered by the SET cardholder certificate. This security is potentially available to the cardholder through multiple acceptance devices, offering portability unavailable with prior art networked electronic commerce technologies.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A system for network-based electronic commerce employing integrated circuit cards is provided. In one embodiment, cardholder authentication is provided by use of on-card symmetric cryptographic processing. The cardholder thus need not be limited to performing transactions from any particular computer system. Asymmetric cryptographic techniques are employed for communication of transaction data over the network.

Description

STATEMENT OF RELATED APPLICATIONS
This application claims priority from U.S. Provisional Application No. 60/040,958 filed on Mar. 12, 1997, the contents of which are herein incorporated by reference.
BACKGROUND OF THE INVENTION
The present invention relates to electronic commerce and more particularly to systems and methods for using a network for electronic commerce.
The Internet is a new means by which consumers can access and purchase information, communicate and pay for services, and acquire and pay for goods. Because of the anonymous nature of communication networks, new methods and systems must be developed to substitute for existing procedures used in face-to-face or mail order/telephone order transactions. These methods and systems should provide confidential transmission, authentication of parties involved, and assurance of the integrity of payment instructions for goods and services.
To achieve these objectives and others, the Secure Electronic Transaction (SET) Specification has been developed. The SET protocol allows customers to make payment card transactions securely over the Internet. However, transactions made using this protocol generally involve an initial cardholder registration process that requires account data to be entered manually (e.g., via a keyboard at the cardholder's personal computer (PC)). The SET protocol supports several levels of security, some of which are only accessible if cardholder-related data is stored on the cardholder access device, generally limiting the availability of such security to the cardholder's own PC. The use of SET does not allow the issuer to authenticate that a card was present or that the cardholder was genuine when authorizing payment transactions.
What is needed is a system that enhances transaction security over the Internet by verifying presence of a card while providing freedom to the user to initiate transactions from multiple card access devices.
SUMMARY OF THE INVENTION
By virtue of the present invention, a system for network-based electronic commerce employing integrated circuit cards is provided. In one embodiment, cardholder authentication is provided by use of on-card symmetric cryptographic processing. The cardholder thus need not be limited to performing transactions from any particular computer system. Asymmetric cryptographic techniques are employed for communication of transaction data over the network.
According to a first embodiment of the present invention, a computer-implemented method for processing transactions over a network is provided. The method includes steps of: establishing a connection between a card access device coupled to the network and an integrated circuit card, transferring a cryptogram generation command comprising challenge data from the card access device to the integrated circuit card, in response to the cryptogram generation command, using the integrated circuit card to encrypt the challenge data to form a response, transferring the response from the integrated circuit card to the card access device, forming a payment instruction message at the card access device, the payment instruction message including the response, encrypting at least a portion of the payment instruction message using asymmetric cryptographic techniques.
A second embodiment of the present invention provides a computer program product for facilitating secure electronic commerce. The product is for use with a computer coupled to a network and a card reading device. The product includes: code for establishing a connection between the computer and an integrated circuit card in communication with the card reading device, code for transferring a cryptogram generation command comprising challenge data from the computer to the integrated circuit card, code for receiving a response to the cryptogram generation command from the integrated circuit card, code for forming a payment instruction message, the payment instruction message including the response, and a computer-readable medium for storing the codes.
A third embodiment of the present invention provides an integrated circuit card. The integrated circuit card includes: an interface for receiving external commands and data, a symmetric cryptographic processor that encrypts a challenge value received via the interface to form a response to transmit via the interface, an asymmetric cryptographic processor that encrypts a value received from the interface using a private key unique to the integrated circuit card, and a memory storing the key and a certificate including a public key matching the private key unique to the integrated circuit card, the public key being signed by a private key of a certificate authority.
A further understanding of the nature and advantages of the inventions herein may be realized by reference to the remaining portions of the specification and the attached drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 depicts a general architecture for electronic commerce according to one embodiment of the present invention.
FIG. 2 depicts a computer system suitable for use with the present invention.
FIG. 3 depicts an integrated circuit card according to one embodiment of the present invention.
FIG. 4 is a top-level flowchart describing steps of transaction processing according to one embodiment of the present invention.
DESCRIPTION OF SPECIFIC EMBODIMENTS
The discussion that follows assumes a familiarity with cryptographic techniques. A good general reference is Schneier, Applied Cryptography Second Edition (John Wiley & Sons, 1996), the contents of which are herein incorporated by reference.
FIG. 1 depicts a general architecture for electronic commerce according to one embodiment of the present invention. A cardholder employs a cardholder access device (CAD) 102 to order merchandise, services, or information from a merchant that operates a merchant server system 104. CAD 102 includes a card reading device 106. CAD 102 may be, for example, a cardholder's PC or a public kiosk.
Payment for the cardholder's order is arranged through a payment gateway 108. Payment gateway 108 in turn interacts with other computer systems such as an acquirer server 109. These other computer systems are not shown. Communication among merchant server 104, payment gateway 108, and CAD 102 is preferably through the Internet 110. A private connection is used between payment gateway 108 and acquirer server 109.
Merchant server 104 is a system that interfaces with CAD 102 to offer goods or services in return for electronic payment. Merchant server 104 interfaces with payment gateway 108 to process electronic commerce transactions. Payment gateway 108 is a logical entity that provides electronic commerce services to the merchants in support an acquirer and interfaces to acquirer server 109 to support the authorization and capture of electronic commerce transactions. The acquirer is typically a financial institution that supports merchants by providing services for processing electronic transactions.
Acquirer server 109 in turn interacts with a card issuer 112. According to one embodiment of the present invention, card issuer 112 helps authenticate a card inserted into integrated circuit card 106. Issuer 112 and payment gateway 108 preferably interact through a private network 114 rather than the Internet 110.
In a preferred embodiment, interaction among CAD 102, merchant server 104, and payment gateway 108 is defined in part according to the SET Secure Electronic Transaction Specification (Version 1.0 May 31, 1997) published by Visa, the assignee of the present application, and MasterCard. This document will be referred to herein as the “SET Specification” and incorporated by reference for all purposes.
FIG. 2 depicts a computer system suitable for use with the present invention. FIG. 2 shows basic subsystems of a computer system 200 suitable for use with the present invention. Computer system 200 may represent the implementation of payment gateway 108, merchant server 104, or CAD 102. In FIG. 2, computer system 200 includes a bus 212 which interconnects major subsystems such as a central processor 214, a system memory 216, an input/output controller 218, a CD-ROM player 220 operative to receive a CD-ROM 222, a display screen 224 via a display adapter 226, a serial port 228, a keyboard 230, a storage interface 231 connected to a fixed disk drive 232, and a floppy disk drive 233 operative to receive a floppy disk 233A. Many other devices may be connected such as a mouse 236 connected to serial port 228 or a network interface 238 through another serial port 240. Many other devices or subsystems (not shown) may be connected in a similar manner. Also, it is not necessary for all of the devices shown in FIG. 2 to be present to practice the present invention, as discussed below. The devices and subsystems may be interconnected in different ways from that shown in FIG. 2. The operation of a computer system such as that shown in FIG. 2 is readily known in the art and is not discussed in detail in the present application. Source code to implement the present invention may be operably disposed in system memory 216 or stored on storage media such as fixed disk 232 or floppy disk 233A, fixed disk 232, or CD-ROM 232.
When computer system 200 implements a CAD, card reading device 106 is also connected as part of computer system 200. Card reading device 106 may accept an integrated circuit card (ICC) 234.
FIG. 3 depicts ICC 234 according to one embodiment of the present invention. Various mechanical and electrical characteristics of ICC 234 and aspects of its interaction with card reading device 106 are defined by the following specifications, all of which are herein incorporated by reference.
Visa Integrated Circuit Card Specification, (Visa International Service Association 1996).
EMV Integrated Circuit Card Specification for Payment Systems, (Visa International Service Association 1996).
EMV Integrated Circuit Card Terminal Specification for Payment Systems, (Visa International Service Association 1996).
EMV Integrated Circuit Card Application Specification for Payment Systems, (Visa International Service Association 1996).
International Standard: Identification Cards—Integrated Circuit(s) Cards with Contacts, Parts 1-6 (International Standards Organization 1987-1995).
Besides the electronic commerce features discussed in the present application, ICC 234 may provide the functionality of a credit card, debit card, ATM card, stored value card, identification card, etc. ICC 234 includes electrical contacts 302 for receiving power and exchanging information with card reading device 106. A magnetic stripe 304 allows storage of information for reading by magnetic stripe readers. An integrated circuit 306 includes a processor and memory for storing application information. An embossing area 308 is available for imprinting the cardholder name, account number, and expiration date.
The combination of memory and processor preferably implements a symmetric cryptographic processor and in certain embodiments an asymmetric cryptographic processor. The symmetric cryptographic processor preferably uses the DES algorithm to encrypt an externally generated value employing a symmetric key. The asymmetric cryptographic processor preferably uses the RSA algorithm to encrypt an externally generated value employing a private asymmetric key. The symmetric key and asymmetric key are preferably stored in memory so as to be inaccessible to external devices interacting with integrated circuit card 234.
The use of SET ensures the integrity and authenticity of cardholder account data transmitted through the Internet and does not require the use of an ICC or any physical payment card to initiate a purchase transaction. SET defines the transmission of a digital signature from CAD 102 to merchant server 104 and payment gateway 108 to ensure that the data transmitted from the cardholder has not been changed. According to the present invention, this digital signature operation may be performed either by CAD 102 or by ICC 234. In conjunction with the digital signatures, the SET protocol allows the transmission of a certificate chain to the merchant, validating a relationship between the cardholder and issuer. According to the present invention, this certificate chain, if used, may be stored either on CAD 102 or on ICC 234.
According to SET, cardholder certificates function as electronic representation of a payment card. Each cardholder certificate is digitally signed by a financial institution using the private key of the financial institution. Thus the cardholder certificate can only be generated by a fmancial institution and cannot be altered by a third party. The cardholder certificate includes the public signature key of the cardholder, and a hash of the cardholder's account information and secret value known to the SET software operating on CAD 102. All of this data is signed with the private signature key of the financial institution. This certificate is transmitted to merchants with purchase requests and encrypted payment instructions. SET does not mandate the use of cardholder certificates but allows for their use to enhance security.
The cardholder certificate is verifiable through a hierarchy of trust. The cardholder certificate is linked to a signature certificate of the entity, a cardholder certificate authority (CCA), that digitally signed the cardholder certificate. The signature certificate of the CCA includes the public signature key of the CCA signed by geopolitical certificate authority (GCA) with its own private signature key. The CCA certificate is linked to a GCA certificate which includes the public signature key of the GCA signed by the payment brand (e.g., Visa, MasterCard, etc.) with its private signature key. The GCA certificate is linked to a payment brand certificate that includes the public signature key of the payment brand as signed by a root authority with its private signature key. The payment brand certificate is in turn linked to a root authority certificate which includes the root's public signature key signed by the root's private key.
For each payment brand, there may be a GCA for each country. A recipient of the cardholder certificate will be able to verify it using the public signature key of the CCA. The public signature key of the CCA is verifiable by use of the public signature key of the GCA to decrypt the CCA certificate. In turn, the public signature key of the GCA is verifiable by using the payment brand public key to decrypt the GCA certificate. The payment brand public signature key is verifiable by using the root public signature key to decrypt the payment brand certificate. Thus, a merchant may verify a cardholder by traversing the certificate chain. SET provides for the certificate chain to be maintained on CAD 102. According to the present invention, the certificate chain may also be stored on ICC 234.
In one embodiment, the present invention augments the protections provided by SET using on-line authorization by issuer 112. Integrated circuit card 234 generates an authorization request cryptogram (ARQC) which is used by issuer 112 to authenticate the card.
The discussion that follows refers to three exemplary embodiments. In a first embodiment referred to as “Option 1,” integrated circuit card 234 incorporates asymmetric cryptographic processing and stores a cardholder certificate and the chain of certificates leading from the cardholder certificate to the root. In a second embodiment referred to as “Option 2,” integrated circuit card 234 does not incorporate asymmetric cryptographic processing and does not store the cardholder certificate and the other certificates of the chain. In “Option 2,” however, a cardholder certificate and certificate chain are associated with integrated circuit but stored on CAD 102 which is capable of asymmetric cryptographic processing. In a third embodiment referred to as “Option 3,” integrated circuit card 234 does not incorporate asymmetric cryptographic processing and does not store the cardholder certificate and the other certificates of the chain. Also, there is no cardholder certificate associated with this card and stored by CAD 102.
FIG. 4 is a top-level flowchart describing steps of transaction processing according to one embodiment of the present invention. Prior to processing of the transaction, at step 402, the cardholder shops, e.g., by browsing through the merchant's website. CAD 102 may be equipped with an HTTP-compatible browser to facilitate viewing catalog information stored on merchant server 104. At step 404, after the user has decided to purchase particular goods or services, he or she initiates a request, e.g., by selecting a link or screen button within the browser. Merchant server 104 receives the request and responds by sending CAD 102 a merchant certificate and a payment gateway certificate at step 406. The merchant certificate includes the public key-exchange key of the merchant. The payment gateway certificate includes the public key-exchange key of the payment gateway. These certificates are signed with the private keys of CCAs to which the merchant and payment gateway are assigned. At step 408, software on CAD 102 verifies the merchant and payment gateway certificates by traversing the certificate chain to the root key.
At step 410, CAD 102 checks for the presence of integrated circuit card 234 in card reading device 106. If integrated circuit card 234 is not present, further operation is in accordance with SET techniques at step 412. If integrated circuit card 234 is present, processing proceeds to step 414 where CAD 102 selects the particular application on integrated circuit card 234 that incorporates the features of the present invention. According to the various EMV Specifications and the VIS Specification, integrated circuit card 234 may support multiple applications. If integrated circuit card 234 operates according to the VIS specification, the selected application is preferably a credit/debit application and there need not be a separate application defined for networked electronic commerce.
At step 416, initial application processing functions are performed between CAD 102 and integrated circuit card 234. CAD 102 issues a command to integrated circuit card 234 to retrieve a list of files and records stored on the card and related to the selected application. This command also retrieves a list of functions supported by the selected application. This list will indicate whether integrated circuit card 234 supports cardholder verification.
At step 417, CAD 102 sends a purchase initialization request to merchant server 104 in accordance with SET. The purchase initialization request includes the brand of integrated circuit card 234, e.g., “Visa.” In response, merchant server 104 sends a purchase initialization request response to CAD 102. The purchase initialization request response preferably includes a transaction identifier uniquely identifying the transaction among other data specified by SET.
At step 418, CAD 102 retrieves the listed files and records associated with the selected application from integrated circuit card 234. The retrieved information includes the cardholder's personal account number (PAN) and expiration date. For Option 1 cards, CAD 102 reads the cardholder certificate and certificate chain from integrated circuit card 234. According to the present invention, integrated circuit card 234 may also store a URL identifying a network address of the payment brand. CAD 102 retrieves this URL and accesses the identified network address to retrieve and display images identifying the card issuer and payment brand.
At step 420, CAD 102 performs cardholder verification if this is supported by integrated circuit card 234. Included in the files and records retrieved at step 418 is a list of cardholder verification methods supported by the card. The preferred method of cardholder verification is offline PIN processing. If CAD 102 also supports offline PIN processing, the cardholder is prompted for entry of his or her PIN. CAD 102 sends the entered PIN as cleartext to integrated circuit card 234. Integrated circuit card 234 compares the entered PIN with a reference PIN and returns the results of the comparison to CAD 102. CAD 102 records whether offline PIN processing was performed, whether a PIN was actually entered, and the results of the comparison to the reference PIN.
Step 422 begins an on-line authorization procedure where issuer 112 may verify the authenticity of integrated circuit card 234. CAD 102 requests generation of an authorization request cryptogram (ARQC) if PIN entry was successful, or an application authorization cryptogram (AAC) if PIN entry was not successful. A request for an AAC is tantamount to declining the transaction. The request for an ARQC or AAC includes variable data particular to the transaction, preferably including an amount authorized by the merchant, a transaction currency code previously supplied by the merchant, transaction date, and an unpredictable number.
In response to the request for an ARQC, integrated circuit card 234 preferably performs various card risk management functions including checking for previous authentication failures, PIN entry results, and other risk factors. If an AAC has been requested by CAD 102 or any of the risk factors are present, integrated circuit card 234 returns an AAC to CAD 102. CAD 102 responds to the AAC by terminating the transaction. If an ARQC has been requested and integrated circuit card 234 previously successfully performed the PIN comparison, integrated circuit card 234 responds by returning an ARQC.
Both an ARQC and an AAC preferably include the variable data listed above encrypted with a symmetric key unique to integrated circuit card 234. In a preferred embodiment, the encryption algorithm is DES. Ultimately, the ARQC is sent to issuer 112 for on-line authentication of the card. Receipt of an AAC by CAD 102 result in termination of the transaction.
The unpredictable number is formed by CAD 102 through the following process. The transaction identifier, which is preferably a 20 byte value is divided into five 4-byte blocks. The first (leftmost) block is exclusive-ORed with the second block. The result of this first exclusive OR operation is exclusive-ORed with the third block. The result of the second exclusive OR operation is exclusive-ORed with the fourth block. The result of the third exclusive OR operation is exclusive-ORed with the fifth (rightmost) block to form the unpredictable number.
How CAD 102 formulates a purchase request to the merchant will depend on whether this is an Option 1, Option 2, or Option 3 system. At step 424, CAD 102 checks whether SET-related data including the cardholder certificate chain and a value known as the PAN secret are stored on integrated circuit card 234 indicating that the card is configured for Option 1. The PAN secret is the result of exclusive-ORing an arbitrary number associated with the card with an arbitrary number associated with the issuer. If the card is configured for Option 1, formulation of the purchase request occurs at step 426.
If the card is not configured for Option 1, CAD 102 checks at step 428 to see if it has the cardholder certificate chain and PAN secret internally stored, indicating an Option 2 system. If this is an Option 2 system, the purchase request is formulated at step 430. If the cardholder certificate chain and PAN secret are present on neither integrated circuit card 234 nor CAD 102, this indicates an Option 3 system and the purchase request is formulated at step 432.
According to SET, a purchase request includes two parts, order information (OI) and payment instructions (PI). The OI identifies the order to the merchant. The PI is not reviewed by the merchant but is instead forwarded to payment gateway 108. When a cardholder certificate is available, SET provides for generation of a dual signature for the OI and PI. Message digests for both the OI and PI are generated and concatenated. The message digest of the concatenation result is generated and encrypted using the cardholder private signature key to form a dual signature. The PI is encrypted with a randomly generated symmetric key. This randomly generated symmetric key along with the cardholder's account information is encrypted with the private key-exchange key of the payment gateway. The purchase request as sent to the merchant includes the encrypted PI and OI. The purchase request also includes the cardholder certificate chain.
In the case of Option 1 processing at step 426, CAD 102 creates the PI and OI as defined by the SET Specification. Where the personal account number and expiration date would normally appear in the PI, CAD 102 includes a series of zeroes. CAD 102 forms a special data object including certain integrated circuit card-related data. This data includes the ARQC and the cleartext data encrypted within the ARQC including the unpredictable number. This special data object is embedded in the PI. All of the steps of generating the purchase request are performed by CAD 102 except for encrypting the message digest of the concatenation result using the cardholder private key. This step is performed by integrated circuit card 234. In a preferred embodiment where integrated circuit card 234 conforms to the VIS specification, this encryption is performed using the INTERNAL AUTHENTICATE command included in the specification.
Option 2 processing at step 430 is the same as Option 1 processing at step 426, except that all steps of forming the purchase request are now performed by CAD 102 including encrypting the message digest of the concatenation result using the cardholder private key.
In the case of Option 3 processing at step 432, CAD 102 creates the PI and OI as defined by the SET specification. As with Option 1 and Option 3, the integrated circuit card-related data is included with the PI. However, no dual signature is created for the payment request.
At step 434, CAD 102 sends the purchase request to merchant server 104. At this time, integrated circuit card 234 is no longer needed to complete the transaction and CAD 102 may prompt the cardholder to remove his or her card from card reading device 106.
At step 436, merchant server 104 processes the purchase request in accordance with SET. A portion of the purchase request is the PI which is forwarded to payment gateway 108.
At step 438, payment gateway 108 processes the PI. Payment gateway 108 decrypts the PI using its private key-exchange key. After decrypting the PI, payment gateway 108 checks for the card-related data in the PI to determine if the purchase request involved use of an integrated circuit card. Once this has been verified, payment gateway 108 recalculates the unpredictable number from the transaction identifier and the merchant identifier it obtains from the ARQC. The result is compared with the unpredictable number transmitted within the PI. If there is no match, the transaction is rejected. The PAN and card expiration date are decrypted.
Payment gateway 108 sends issuer 112 via acquirer server 109 an authorization request that includes the data related to the payment transaction. The authorization request also preferably includes information indicating whether or not SET certificates were used and whether these certificates were present on integrated circuit card 234. Issuer 112 is aware of the unique symmetric key of the cardholder and attempts to verify the ARQC from the cleartext information included in the integrated circuit card related data. Issuer 112 applies the unique cardholder key to symmetrically encrypt the cleartext information and obtain ARQC′. If ARQC′ matches ARQC, issuer 112 sends an authorization response message to payment gateway 108 indicating that the transaction is authorized by issuer 112. Payment gateway 108 responds to receipt of this authorization request message by sending an authorization message to merchant server 104. Merchant server 104 may then fulfill the order.
The card authentication operation of user 118 provides security that enhances or substitutes for the protection offered by the SET cardholder certificate. This security is potentially available to the cardholder through multiple acceptance devices, offering portability unavailable with prior art networked electronic commerce technologies.
In the foregoing specification, the invention has been described with reference to specific exemplary embodiments thereof. It will, however, be evident that various modifications and changes may be made thereunto without departing from the broader spirit and scope of the invention as set forth in the appended claims and their full scope of equivalents. For example, the specification has discussed enhancements to the EMV, VIS, and SET specifications. The present invention is not, however, limited to use with any particular protocol or specification for cards electronic commerce.

Claims (17)

What is claimed is:
1. A computer-implemented method for securely processing commercial transactions over a network, comprising the steps of:
providing a card access device;
providing an integrated circuit card;
establishing a connection between the card access device and the integrated circuit card, wherein the card access device is coupled to the network;
providing a cryptogram generation command comprising challenge data;
transferring the cryptogram generation command from the card access device to the integrated circuit card;
encrypting the challenge data using the integrated circuit card to form a response, wherein the step of encrypting the challenge data is in response to the cryptogram generation command;
transferring the response from the integrated circuit card to the card access device;
forming a payment instruction message at the card access device, wherein the payment instruction message comprises the response; and
encrypting at least a portion of the payment instruction message using asymmetric cryptographic techniques wherein the two encrypting steps are part of a same commercial transaction.
2. The computer-implemented method for processing transactions of claim 1, further comprising the step of reading the cardholder certificate from the integrated circuit card.
3. The computer-implemented method for processing transactions of claim 1, further comprising the step of reading a certificate chain from the integrated circuit card.
4. The computer-implemented method for processing transactions of claim 3, wherein the certificate chain includes a chain of certificates leading from the integrated circuit card to a root.
5. The computer-implemented method for processing transactions of claim 1, further comprising a step of verifying the authenticity of the integrated circuit card.
6. The computer-implemented method for processing transactions of claim 5, wherein the verifying step includes decrypting the challenge data remotely from the integrated circuit card.
7. The computer-implemented method for processing transactions of claim 1, further comprising a step of sending the encrypted payment instruction message from the card access device to a merchant via the network.
8. The computer-implemented method for processing transactions of claim 1, wherein the step of encrypting the payment instruction message comprises using a symmetric key to encrypt the at least a portion of the payment instruction message and encrypting the symmetric key with a public key of a payment processor.
9. The computer-implemented method for processing transactions of claim 1, further comprising the steps of:
forming an order information message at the card access device;
hashing the order information message to obtain a digest of the order information message;
hashing the payment instruction message to obtain a digest of the payment instruction message;
concatenating the digest of the order information message and the digest of the payment instruction message to obtain a concatenated digest; and
encrypting the concatenated digest with a private signature key particular to the integrated circuit card to obtain a signed concatenated digest.
10. The computer-implemented method for processing transactions of claim 9, wherein the private signature key is inaccessible to the interface.
11. The computer-implemented method for processing transactions of claim 9, wherein the step of encrypting the concatenated digest step is performed by the integrated circuit card.
12. The computer-implemented method for processing transactions of claim 9, wherein the encrypting the concatenated digest step is performed by the card access device.
13. The computer-implemented method for processing transactions over a network of claim 1, wherein the challenge data comprises an unpredictable number.
14. The computer-implemented method for processing transactions over a network of claim 13, wherein the unpredictable number is derived from an identifier identifying a particular merchant and an identifier identifying a particular transaction.
15. The computer-implemented method for processing transactions of claim 1, further comprising the steps of:
forming an order information message at the card access device;
hashing the order information message to obtain a digest of the order information message;
hashing the payment instruction message to obtain a digest of the payment instruction message;
concatenating the digest of the order information message and the digest of the payment instruction message to obtain a concatenated digest; and
encrypting the concatenated digest with a private signature key particular to the integrated circuit card to obtain a signed concatenated digest.
16. An integrated circuit card for use in secure electronic commerce, comprising:
an interface for receiving external commands and data;
a symmetric cryptographic processor that encrypts a challenge value received via the interface to form a response for transmission via the interface;
an asymmetric cryptographic processor that encrypts a value received from the interface using a first private key unique to the integrated circuit card; and
a memory storing the first private key and a certificate comprising a public key matching the first private key unique to the integrated circuit card, the public key being signed by a second private key of a certificate authority.
17. A computer-implemented method for securely processing commercial transactions over a network, comprising the steps of:
establishing a connection between a card access device and an integrated circuit card, wherein the card access device is coupled to the network;
transferring a cryptogram generation command from the card access device to the integrated circuit card, wherein:
the cryptogram generation command comprises challenge data, and
the challenge data comprises an unpredictable number;
encrypting the challenge data using the integrated circuit card to form a response, wherein the step of encrypting the challenge data is in response to the cryptogram generation command;
transferring the response from the integrated circuit card to the card access device;
reading the cardholder certificate from the integrated circuit card;
reading a certificate chain from the integrated circuit card, wherein the certificate chain includes a chain of certificates leading from the integrated circuit card to a root;
forming a payment instruction message at the card access device, wherein the payment instruction message comprises the response;
encrypting at least a portion of the payment instruction message using asymmetric cryptographic techniques, wherein the step of encrypting the payment instruction message comprises using a symmetric key to encrypt the at least a portion of the payment instruction message and encrypting the symmetric key with a public key of a payment processor; and
sending the encrypted payment instruction message from the card access device to a merchant via the network.
US09/037,745 1997-03-12 1998-03-10 Secure electronic commerce employing integrated circuit cards Expired - Lifetime US6247129B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US09/037,745 US6247129B1 (en) 1997-03-12 1998-03-10 Secure electronic commerce employing integrated circuit cards

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US4095897P 1997-03-12 1997-03-12
US09/037,745 US6247129B1 (en) 1997-03-12 1998-03-10 Secure electronic commerce employing integrated circuit cards

Publications (1)

Publication Number Publication Date
US6247129B1 true US6247129B1 (en) 2001-06-12

Family

ID=21913930

Family Applications (1)

Application Number Title Priority Date Filing Date
US09/037,745 Expired - Lifetime US6247129B1 (en) 1997-03-12 1998-03-10 Secure electronic commerce employing integrated circuit cards

Country Status (3)

Country Link
US (1) US6247129B1 (en)
AU (1) AU6758898A (en)
WO (1) WO1998040982A1 (en)

Cited By (91)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010053220A1 (en) * 1998-06-03 2001-12-20 Cryptography Research, Inc. Cryptographic computation using masking to prevent differential power analysis and other attacks
US20020016765A1 (en) * 2000-07-11 2002-02-07 David Sacks System and method for third-party payment processing
US20020111919A1 (en) * 2000-04-24 2002-08-15 Visa International Service Association Online payer authentication service
WO2002069085A2 (en) * 2001-02-21 2002-09-06 Citibank, N.A. Method and system for electronic commerce using a mobile communication system
US20020128973A1 (en) * 2000-07-10 2002-09-12 Kranzley Arthur D. Method and system for conducting secure electronic commerce transactions with authorization request data loop-back
WO2003009246A2 (en) * 2001-07-20 2003-01-30 Fleet Credit Card Services, Llp. Third party card validation over network for ecommerce
US20030028771A1 (en) * 1998-01-02 2003-02-06 Cryptography Research, Inc. Leak-resistant cryptographic payment smartcard
US20030051146A1 (en) * 2001-09-11 2003-03-13 Akihiro Ebina Security realizing system in network
US20030056099A1 (en) * 2001-09-17 2003-03-20 Toshiyuki Asanoma Public key infrastructure (PKI) based system, method, device and program
US6549912B1 (en) * 1998-09-23 2003-04-15 Visa International Service Association Loyalty file structure for smart card
FR2834842A1 (en) * 2002-01-16 2003-07-18 Iteon Terminal transaction authentication having card asymmetric encryption algorithm generating cryptogram and authentication exchanging information card/terminal with supplementary algorithm generating secret specification
WO2003073389A2 (en) * 2002-02-28 2003-09-04 Mastercard Europe Sprl Authentication arrangement and method for use with financial transactions
US20030188158A1 (en) * 1998-07-02 2003-10-02 Kocher Paul C. Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks
US20030233318A1 (en) * 2001-11-26 2003-12-18 King Douglas W. Systems and methods for fund transfers
US20040034782A1 (en) * 2002-08-11 2004-02-19 Park Jung Woong Card equipped with secret number input keys and the method of activating the same
US20040059688A1 (en) * 2002-09-10 2004-03-25 Visa International Service Association Data authentication and provisioning method and system
US20040128256A1 (en) * 2002-12-04 2004-07-01 Krouse Wayne F. Remote location credit card transaction system with card present security system
US20040181531A1 (en) * 2003-03-12 2004-09-16 Clark Becker Speed pass system
US20040220876A1 (en) * 2003-05-02 2004-11-04 Liu David J. Systems and methods for services over a financial transaction platform
US20040268127A1 (en) * 2003-06-17 2004-12-30 Sahota Jagdeep Singh Method and systems for securely exchanging data in an electronic transaction
US20050036611A1 (en) * 2003-03-31 2005-02-17 Visa U.S.A., Inc. Method and system for secure authentication
US20050067485A1 (en) * 2002-01-17 2005-03-31 Michel Caron Apparatus and method of identifying the user thereof by means of a variable identification code
US20050071225A1 (en) * 2003-09-30 2005-03-31 Visa U.S.A., Inc. System and apparatus for linking multiple rewards programs to promote the purchase of specific product mixes
US20050108104A1 (en) * 2003-11-14 2005-05-19 Katherine Woo Integrating third party shopping cart applications with an online payment service
US20060059345A1 (en) * 2004-09-10 2006-03-16 International Business Machines Corporation System and method for providing dynamically authorized access to functionality present on an integrated circuit chip
EP1646976A2 (en) * 2003-06-04 2006-04-19 Mastercard International, Inc. Customer authentication in e-commerce transactions
US7114075B1 (en) * 1999-07-12 2006-09-26 Fujitsu Limited User authentication apparatus, method of user authentication, and storage medium therefor
US20060290501A1 (en) * 2005-06-24 2006-12-28 Visa U.S.A., Inc. Apparatus and method to electromagnetically shield portable consumer devices
EP1738515A1 (en) * 2004-04-16 2007-01-03 First Data Corporation Methods and systems for online transaction processing
US20070055597A1 (en) * 2005-09-08 2007-03-08 Visa U.S.A. Method and system for manipulating purchase information
US20070168527A1 (en) * 2005-02-04 2007-07-19 Huawei Technologies Co., Ltd. Method and system for distributing session key across gatekeeper zones in a direct-routing mode
US7249093B1 (en) * 1999-09-07 2007-07-24 Rysix Holdings, Llc Method of and system for making purchases over a computer network
US20070288744A1 (en) * 2004-04-26 2007-12-13 Huawei Technologies Co., Ltd. Method of Secure Communication Between Endpoints
US20080022146A1 (en) * 1998-01-02 2008-01-24 Kocher Paul C Differential power analysis
US20080092220A1 (en) * 2001-08-02 2008-04-17 Safenet, Inc. Method and system for secure distribution and utilization of data over a network
US20080120214A1 (en) * 2006-11-16 2008-05-22 Kim Steele Adaptive authentication options
US20080120236A1 (en) * 2006-11-16 2008-05-22 Patrick Faith Dynamic magnetic stripe
EP1934935A2 (en) * 2005-09-28 2008-06-25 Visa International Service Association Device, system and method for reducing an interaction time for a contactless transaction
US20080197201A1 (en) * 2007-02-15 2008-08-21 Thomas Manessis Dynamic payment device characteristics
US20080256642A1 (en) * 2007-04-16 2008-10-16 John Hachey Anti-Interrogation For Portable Device
US20080300895A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Method and system for handling returned payment card account statements
US20080301011A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Method and system for handling returned prepaid payment cards
US20080301037A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Systems and methods for automatic migration of a consumer between financial accounts
US20080301019A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Prepaid card fraud and risk management
US20080298569A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Prepaid negative balance fee processing and fee diversion
US20080301048A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Portability of financial tokens
US20080298573A1 (en) * 2007-06-04 2008-12-04 Monk Justin T System, apparatus and methods for comparing fraud parameters for application during prepaid card enrollment and transactions
US20080303632A1 (en) * 2007-06-11 2008-12-11 Ayman Hammad Shielding of portable consumer device
US7475248B2 (en) 2002-04-29 2009-01-06 International Business Machines Corporation Enhanced message security
US20090012810A1 (en) * 2003-03-31 2009-01-08 Koninklijke Kpn N.V. Method for using an electromagnetic scratchcard to provide services
US20090070171A1 (en) * 2007-09-10 2009-03-12 Barbara Patterson Host capture
US20090125429A1 (en) * 1997-08-13 2009-05-14 Matsushita Electric Industrial Co., Ltd. Mobile electronic commerce system
US20090134218A1 (en) * 2007-11-28 2009-05-28 Ryan Yuzon Multifunction removable cover for portable payment device
US20090328052A1 (en) * 2008-06-26 2009-12-31 Loc Duc Nguyen Resource locator verification method and apparatus
US20090327135A1 (en) * 2008-06-26 2009-12-31 Loc Duc Nguyen Credit card paired with location identifiable device for point of service fraud detection
US7654451B2 (en) 2003-09-03 2010-02-02 Visa U.S.A. Inc. Method, system and portable consumer device using wildcard values
US20100027786A1 (en) * 2008-02-14 2010-02-04 Patrick Faith Dynamic encryption authentication
US20100030688A1 (en) * 2008-07-29 2010-02-04 Barbara Elizabeth Patterson Transaction processing using a global unique identifier
US20100114740A1 (en) * 2008-10-31 2010-05-06 Ben Dominguez User enhanced authentication system for online purchases
US20100179909A1 (en) * 2009-01-14 2010-07-15 Jubin Dana User defined udk
US20100217709A1 (en) * 2008-09-22 2010-08-26 Christian Aabye Apparatus and method for preventing unauthorized access to payment application installed in contactless payment device
US20100312703A1 (en) * 2009-06-03 2010-12-09 Ashish Kulpati System and method for providing authentication for card not present transactions using mobile device
US20100313010A1 (en) * 1998-07-22 2010-12-09 Kenji Tagawa Digital data recording apparatus, digital data recording method, and computer-readable recording medium
US20100312702A1 (en) * 2009-06-06 2010-12-09 Bullock Roddy M System and method for making money by facilitating easy online payment
US20100332337A1 (en) * 2009-06-25 2010-12-30 Bullock Roddy Mckee Universal one-click online payment method and system
US20110022521A1 (en) * 2002-02-28 2011-01-27 Mehdi Collinge Authentication arrangement and method for use with financial transaction
US20110082757A1 (en) * 2009-06-06 2011-04-07 Bullock Roddy Mckee Method for making money on internet news sites and blogs
US20110137748A1 (en) * 2009-12-09 2011-06-09 Yigal Baher Systems and Methods for Virtual Credit Card Transactions
US8065193B2 (en) 2009-06-06 2011-11-22 Bullock Roddy Mckee Method for making money on the internet
US8090663B1 (en) * 2001-04-23 2012-01-03 Diebold, Incorporated Automated banking machine system and method
US8170527B2 (en) 2007-09-26 2012-05-01 Visa U.S.A. Inc. Real-time balance on a mobile phone
US20130091351A1 (en) * 2011-09-30 2013-04-11 Braintree Payment Solutions, Llc Differential client-side encryption of information originating from a client
US8615426B2 (en) 2006-12-26 2013-12-24 Visa U.S.A. Inc. Coupon offers from multiple entities
US8645971B2 (en) 2006-12-26 2014-02-04 Visa U.S.A. Inc. Real-time balance updates
US8702007B2 (en) 2009-01-07 2014-04-22 Powered Card Solutions, Llc On card display of data from secured chip
US8923827B2 (en) 2007-01-09 2014-12-30 Visa U.S.A. Inc. Mobile payment management
US8977567B2 (en) 2008-09-22 2015-03-10 Visa International Service Association Recordation of electronic payment transaction information
US9189777B1 (en) * 1999-09-20 2015-11-17 Security First Corporation Electronic commerce with cryptographic authentication
US9460436B2 (en) 2012-03-16 2016-10-04 Visa International Service Association Systems and methods to apply the benefit of offers via a transaction handler
US20160314469A1 (en) * 2013-12-31 2016-10-27 Feitian Technologies Co., Ltd. Method for generating off-line authentication credentials by intelligent card
US9542687B2 (en) 2008-06-26 2017-01-10 Visa International Service Association Systems and methods for visual representation of offers
US9672516B2 (en) 2014-03-13 2017-06-06 Visa International Service Association Communication protocols for processing an authorization request in a distributed computing system
US9672508B2 (en) 2008-09-22 2017-06-06 Visa International Service Association Over the air update of payment transaction data stored in secure memory
US9715709B2 (en) 2008-05-09 2017-07-25 Visa International Services Association Communication device including multi-part alias identifier
US9721250B2 (en) 2007-10-25 2017-08-01 Visa U.S.A. Inc. Location based authentication
US9727887B2 (en) 2007-07-23 2017-08-08 Visa U.S.A. Inc. Multi-vendor multi-loyalty currency program
US9824355B2 (en) 2008-09-22 2017-11-21 Visa International Service Association Method of performing transactions with contactless payment devices using pre-tap and two-tap operations
US9940627B2 (en) 2006-12-26 2018-04-10 Visa U.S.A. Inc. Mobile coupon method and system
US9990646B2 (en) 2013-10-24 2018-06-05 Visa International Service Association Systems and methods to provide a user interface for redemption of loyalty rewards
US10008067B2 (en) 2008-06-16 2018-06-26 Visa U.S.A. Inc. System and method for authorizing financial transactions with online merchants
US12137083B2 (en) 2022-10-17 2024-11-05 Paypal, Inc. Differential client-side encryption of information originating from a client

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998040982A1 (en) * 1997-03-12 1998-09-17 Visa International Secure electronic commerce employing integrated circuit cards
DE19849354A1 (en) * 1998-10-19 2000-04-20 Deutsche Telekom Ag Database-assisted selection of product for electronic commerce applications on Internet by comparing attributes of objects on list with values selected by user
JP2001313636A (en) * 2000-04-28 2001-11-09 Sony Corp Authentication system, authenticating method and authenticating device and method
SE516567C2 (en) * 2000-06-07 2002-01-29 Anoto Ab Procedure and apparatus for secure wireless transmission of information
US7278017B2 (en) 2000-06-07 2007-10-02 Anoto Ab Method and device for secure wireless transmission of information
US7457413B2 (en) 2000-06-07 2008-11-25 Anoto Ab Method and device for encrypting a message
GB0020108D0 (en) * 2000-08-15 2000-10-04 Nokia Mobile Phones Ltd Devices
CN102081821B (en) * 2009-11-27 2013-08-14 中国银联股份有限公司 IC (integrated circuit) card paying system and method as well as multi-application IC card and payment terminal

Citations (92)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4186871A (en) 1978-03-01 1980-02-05 International Business Machines Corporation Transaction execution system with secure encryption key storage and communications
US4197986A (en) 1977-04-28 1980-04-15 Omron Tateisi Electronics Co. Money transaction system
US4211919A (en) 1977-08-26 1980-07-08 Compagnie Internationale Pour L'informatique Portable data carrier including a microprocessor
US4214230A (en) 1978-01-19 1980-07-22 Rolf Blom Personal identification system
US4219151A (en) 1978-04-26 1980-08-26 Omron Tateisi Electronics Co. Card verification system using stored functions
US4223403A (en) 1978-06-30 1980-09-16 International Business Machines Corporation Cryptographic architecture for use with a high security personal identification system
US4268715A (en) 1978-05-03 1981-05-19 Atalla Technovations Method and apparatus for securing data transmissions
US4271482A (en) 1977-05-26 1981-06-02 Compagnie Internationale Pour L'informatique -Cii-Honeywell Bull Data processing system which protects the secrecy of confidential data
US4283599A (en) 1979-01-16 1981-08-11 Atalla Technovations Method and apparatus for securing data transmissions
US4288659A (en) 1979-05-21 1981-09-08 Atalla Technovations Method and means for securing the distribution of encoding keys
US4302810A (en) 1979-12-28 1981-11-24 International Business Machines Corporation Method and apparatus for secure message transmission for use in electronic funds transfer systems
US4304990A (en) 1979-12-11 1981-12-08 Atalla Technovations Multilevel security apparatus and method
US4309569A (en) 1979-09-05 1982-01-05 The Board Of Trustees Of The Leland Stanford Junior University Method of providing digital signatures
US4317957A (en) 1980-03-10 1982-03-02 Marvin Sendrow System for authenticating users and devices in on-line transaction networks
US4326098A (en) 1980-07-02 1982-04-20 International Business Machines Corporation High security system for electronic signature verification
US4357529A (en) 1980-02-04 1982-11-02 Atalla Technovations Multilevel security apparatus and method
US4386233A (en) 1980-09-29 1983-05-31 Smid Miles E Crytographic key notarization methods and apparatus
US4386266A (en) 1980-02-11 1983-05-31 International Business Machines Corporation Method for operating a transaction execution system having improved verification of personal identification
US4408203A (en) 1978-01-09 1983-10-04 Mastercard International, Inc. Security system for electronic funds transfer system
US4423287A (en) 1981-06-26 1983-12-27 Visa U.S.A., Inc. End-to-end encryption system and method of operation
US4438824A (en) 1981-04-22 1984-03-27 Siemens Corporation Apparatus and method for cryptographic identity verification
US4467139A (en) 1980-04-09 1984-08-21 Compagnie Internationale Pour L'informatique Cii Honeywell Bull Process and system for transmission of signed messages
US4471216A (en) 1979-11-09 1984-09-11 Compagnie Internationale Pour L'informatique Cii-Honeywell Bull (Societe Anonyme System and process for identification of persons requesting access to particular facilities
US4498000A (en) 1981-01-07 1985-02-05 Transac-Alcatel Security method and device for communicating confidential data via an intermediate stage
US4529870A (en) 1980-03-10 1985-07-16 David Chaum Cryptographic identification, financial transaction, and credential device
US4536647A (en) 1983-07-15 1985-08-20 Atalla Corporation Pocket banking terminal, method and system
US4544833A (en) 1982-05-14 1985-10-01 Cii Honeywell Bull (Societe Anonyme) Process and apparatus for authenticating or certifying at least one item of information contained in a memory of a removable and portable electronic carrier, such as a card
US4549075A (en) 1982-07-08 1985-10-22 Cii Honeywell Bull (Societe Anonyme) Method for certifying the origin of at least one item of information stored in the memory of a first electronic device and transmitted to a second electronic device, and system for carrying out the method
US4594663A (en) 1982-07-09 1986-06-10 Omron Tateisi Electronics Co. Credit transaction processing system
US4612413A (en) 1983-07-29 1986-09-16 U.S. Philips Corporation Authentication system between a card reader and a pay card exchanging data
US4630201A (en) 1984-02-14 1986-12-16 International Security Note & Computer Corporation On-line and off-line transaction security system using a code generated from a transaction parameter and a random number
US4629874A (en) 1984-01-12 1986-12-16 The De La Rue Company Plc Prepayment metering system
US4638120A (en) 1980-03-03 1987-01-20 Compagnie Internationale Pour L'informatique Cii Honeywell Bull Method and system for transmission of confidential data
US4652698A (en) 1984-08-13 1987-03-24 Ncr Corporation Method and system for providing system security in a remote terminal environment
US4656474A (en) 1981-10-09 1987-04-07 Compagnie Internationale Pour L'informatique Cii-Honeywell Bull (Societe Anonyme) Process and apparatus for authenticating the signature of a signed message
US4661658A (en) 1985-02-12 1987-04-28 International Business Machines Corporation Offline PIN validation with DES
US4672182A (en) 1983-10-17 1987-06-09 Kabushiki Kaisha Toshiba Memory card
US4679236A (en) 1984-12-21 1987-07-07 Davies Richard E Identification verification method and system
US4700055A (en) 1985-10-15 1987-10-13 Kashkashian Jr Arsen Multiple credit card system
US4720859A (en) 1981-04-08 1988-01-19 U.S. Philips Corporation Method and system for the mutual encyphered indentification between data communicating stations and stations for use with such method and system
US4723284A (en) 1983-02-14 1988-02-02 Prime Computer, Inc. Authentication system
US4725719A (en) 1986-07-21 1988-02-16 First City National Bank Of Austin Restricted purpose, commercial, monetary regulation method
USRE33571E (en) 1984-07-31 1991-04-16 Hitachi, Ltd. System and method for automatic transaction
US5225664A (en) 1990-01-30 1993-07-06 Kabushiki Kaisha Toshiba Mutual authentication system
US5227613A (en) 1989-01-24 1993-07-13 Matsushita Electric Industrial Co., Ltd. Secure encrypted data communication system having physically secure ic cards and session key generation based on card identifying information
US5239166A (en) 1989-01-17 1993-08-24 Graves Marcel A Secure data interchange system erasing a card memory upon an invalid response
US5247578A (en) 1991-01-22 1993-09-21 France Telecom Etablissement Autonome De Droit Public (Centre National D'etudes Des Telecommunications) Process for exchange of rights between microprocessor cards
US5276736A (en) 1990-01-29 1994-01-04 David Chaum Optionally moderated transaction systems
US5285200A (en) 1990-11-29 1994-02-08 Kabushiki Kaisha Toshiba Portable electronic device and a method for processing data therefore
US5293029A (en) 1989-01-17 1994-03-08 Kabushiki Kaisha Toshiba System for mutually certifying an IC card and an IC card terminal
US5293424A (en) 1992-10-14 1994-03-08 Bull Hn Information Systems Inc. Secure memory card
US5299263A (en) 1993-03-04 1994-03-29 Bell Communications Research, Inc. Two-way public key authentication and key agreement for low-cost terminals
US5317636A (en) 1992-12-09 1994-05-31 Arris, Inc. Method and apparatus for securing credit card transactions
US5319710A (en) 1986-08-22 1994-06-07 Tandem Computers Incorporated Method and means for combining and managing personal verification and message authentication encrytions for network transmission
US5323465A (en) 1992-06-10 1994-06-21 Racal-Datacom Limited Access control
US5337358A (en) 1992-11-20 1994-08-09 Pitney Bowes Inc. Apparatus for recording a transaction including authenticating an identification card
US5341426A (en) 1992-12-15 1994-08-23 Motorola, Inc. Cryptographic key management apparatus and method
US5343529A (en) 1993-09-28 1994-08-30 Milton Goldfine Transaction authentication using a centrally generated transaction identifier
US5347580A (en) 1992-04-23 1994-09-13 International Business Machines Corporation Authentication method and system with a smartcard
US5355413A (en) 1992-03-06 1994-10-11 Mitsubishi Denki Kabushiki Kaisha Authentication method performed between IC card and terminal unit and system therefor
US5371797A (en) 1993-01-19 1994-12-06 Bellsouth Corporation Secure electronic funds transfer from telephone or unsecured terminal
US5375169A (en) 1993-05-28 1994-12-20 Tecsec, Incorporated Cryptographic key management method and apparatus
US5379344A (en) 1990-04-27 1995-01-03 Scandic International Pty. Ltd. Smart card validation device and method
US5396558A (en) 1992-09-18 1995-03-07 Nippon Telegraph And Telephone Corporation Method and apparatus for settlement of accounts by IC cards
US5401950A (en) 1988-06-15 1995-03-28 Omron Tateisi Electronics Co. IC card having improved security checking function
US5402490A (en) 1992-09-01 1995-03-28 Motorola, Inc. Process for improving public key authentication
US5412726A (en) 1992-09-21 1995-05-02 Telecom Etablissement autonome de droit public and la Poste-Etablissement autonome de droit public Telecommunication installation with secure remote loading of prepayment means and corresponding remote loading process
US5420926A (en) 1994-01-05 1995-05-30 At&T Corp. Anonymous credit card transactions
US5422953A (en) 1993-05-05 1995-06-06 Fischer; Addison M. Personal date/time notary device
US5428684A (en) 1991-09-30 1995-06-27 Fujitsu Limited Electronic cashless transaction system
US5434919A (en) 1994-01-11 1995-07-18 Chaum; David Compact endorsement signature systems
US5440635A (en) 1993-08-23 1995-08-08 At&T Corp. Cryptographic protocol for remote authentication
US5461217A (en) 1994-02-08 1995-10-24 At&T Ipm Corp. Secure money transfer techniques using smart cards
US5473689A (en) 1993-05-25 1995-12-05 Siemens Aktiengesellschaft Method for authentication between two electronic devices
US5475763A (en) 1993-07-01 1995-12-12 Digital Equipment Corp., Patent Law Group Method of deriving a per-message signature for a DSS or El Gamal encryption system
US5481611A (en) 1993-12-09 1996-01-02 Gte Laboratories Incorporated Method and apparatus for entity authentication
US5493613A (en) 1992-09-11 1996-02-20 International Verifact Inc. Combination pin pad and terminal
US5559887A (en) 1994-09-30 1996-09-24 Electronic Payment Service Collection of value from stored value systems
US5602915A (en) 1993-02-25 1997-02-11 France Telecom Establissement Autonome De Droit Public Process for the control of secret keys between two smart cards
US5602917A (en) 1994-12-30 1997-02-11 Lucent Technologies Inc. Method for secure session key generation
US5604801A (en) 1995-02-03 1997-02-18 International Business Machines Corporation Public key data communications system under control of a portable security device
US5604803A (en) 1994-06-03 1997-02-18 Sun Microsystems, Inc. Method and apparatus for secure remote authentication in a public network
US5604804A (en) 1996-04-23 1997-02-18 Micali; Silvio Method for certifying public keys in a digital signature scheme
US5610982A (en) 1996-05-15 1997-03-11 Micali; Silvio Compact certification with threshold signatures
US5706349A (en) 1995-03-06 1998-01-06 International Business Machines Corporation Authenticating remote users in a distributed environment
US5721781A (en) 1995-09-13 1998-02-24 Microsoft Corporation Authentication system and method for smart card transactions
US5742756A (en) 1996-02-12 1998-04-21 Microsoft Corporation System and method of using smart cards to perform security-critical operations requiring user authorization
US5754656A (en) 1995-08-04 1998-05-19 Hitachi, Ltd. Electronic shopping method, electronic shopping system and document authenticating method relating thereto
US5778071A (en) * 1994-07-12 1998-07-07 Information Resource Engineering, Inc. Pocket encrypting and authenticating communications device
WO1998040982A1 (en) * 1997-03-12 1998-09-17 Visa International Secure electronic commerce employing integrated circuit cards
US5862223A (en) * 1996-07-24 1999-01-19 Walker Asset Management Limited Partnership Method and apparatus for a cryptographically-assisted commercial network system designed to facilitate and support expert-based commerce
US5892900A (en) * 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection

Patent Citations (94)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4197986A (en) 1977-04-28 1980-04-15 Omron Tateisi Electronics Co. Money transaction system
US4271482A (en) 1977-05-26 1981-06-02 Compagnie Internationale Pour L'informatique -Cii-Honeywell Bull Data processing system which protects the secrecy of confidential data
US4211919A (en) 1977-08-26 1980-07-08 Compagnie Internationale Pour L'informatique Portable data carrier including a microprocessor
US4408203A (en) 1978-01-09 1983-10-04 Mastercard International, Inc. Security system for electronic funds transfer system
US4214230A (en) 1978-01-19 1980-07-22 Rolf Blom Personal identification system
US4186871A (en) 1978-03-01 1980-02-05 International Business Machines Corporation Transaction execution system with secure encryption key storage and communications
US4219151A (en) 1978-04-26 1980-08-26 Omron Tateisi Electronics Co. Card verification system using stored functions
US4268715A (en) 1978-05-03 1981-05-19 Atalla Technovations Method and apparatus for securing data transmissions
US4223403A (en) 1978-06-30 1980-09-16 International Business Machines Corporation Cryptographic architecture for use with a high security personal identification system
US4283599A (en) 1979-01-16 1981-08-11 Atalla Technovations Method and apparatus for securing data transmissions
US4288659A (en) 1979-05-21 1981-09-08 Atalla Technovations Method and means for securing the distribution of encoding keys
US4309569A (en) 1979-09-05 1982-01-05 The Board Of Trustees Of The Leland Stanford Junior University Method of providing digital signatures
US4471216A (en) 1979-11-09 1984-09-11 Compagnie Internationale Pour L'informatique Cii-Honeywell Bull (Societe Anonyme System and process for identification of persons requesting access to particular facilities
US4304990A (en) 1979-12-11 1981-12-08 Atalla Technovations Multilevel security apparatus and method
US4302810A (en) 1979-12-28 1981-11-24 International Business Machines Corporation Method and apparatus for secure message transmission for use in electronic funds transfer systems
US4357529A (en) 1980-02-04 1982-11-02 Atalla Technovations Multilevel security apparatus and method
US4386266A (en) 1980-02-11 1983-05-31 International Business Machines Corporation Method for operating a transaction execution system having improved verification of personal identification
US4638120A (en) 1980-03-03 1987-01-20 Compagnie Internationale Pour L'informatique Cii Honeywell Bull Method and system for transmission of confidential data
US4529870A (en) 1980-03-10 1985-07-16 David Chaum Cryptographic identification, financial transaction, and credential device
US4317957A (en) 1980-03-10 1982-03-02 Marvin Sendrow System for authenticating users and devices in on-line transaction networks
US4467139A (en) 1980-04-09 1984-08-21 Compagnie Internationale Pour L'informatique Cii Honeywell Bull Process and system for transmission of signed messages
US4326098A (en) 1980-07-02 1982-04-20 International Business Machines Corporation High security system for electronic signature verification
US4386233A (en) 1980-09-29 1983-05-31 Smid Miles E Crytographic key notarization methods and apparatus
US4498000A (en) 1981-01-07 1985-02-05 Transac-Alcatel Security method and device for communicating confidential data via an intermediate stage
US4720859A (en) 1981-04-08 1988-01-19 U.S. Philips Corporation Method and system for the mutual encyphered indentification between data communicating stations and stations for use with such method and system
US4438824A (en) 1981-04-22 1984-03-27 Siemens Corporation Apparatus and method for cryptographic identity verification
US4423287A (en) 1981-06-26 1983-12-27 Visa U.S.A., Inc. End-to-end encryption system and method of operation
US4656474A (en) 1981-10-09 1987-04-07 Compagnie Internationale Pour L'informatique Cii-Honeywell Bull (Societe Anonyme) Process and apparatus for authenticating the signature of a signed message
US4544833A (en) 1982-05-14 1985-10-01 Cii Honeywell Bull (Societe Anonyme) Process and apparatus for authenticating or certifying at least one item of information contained in a memory of a removable and portable electronic carrier, such as a card
US4549075A (en) 1982-07-08 1985-10-22 Cii Honeywell Bull (Societe Anonyme) Method for certifying the origin of at least one item of information stored in the memory of a first electronic device and transmitted to a second electronic device, and system for carrying out the method
US4594663A (en) 1982-07-09 1986-06-10 Omron Tateisi Electronics Co. Credit transaction processing system
US4723284A (en) 1983-02-14 1988-02-02 Prime Computer, Inc. Authentication system
US4536647A (en) 1983-07-15 1985-08-20 Atalla Corporation Pocket banking terminal, method and system
US4612413A (en) 1983-07-29 1986-09-16 U.S. Philips Corporation Authentication system between a card reader and a pay card exchanging data
US4672182A (en) 1983-10-17 1987-06-09 Kabushiki Kaisha Toshiba Memory card
US4629874A (en) 1984-01-12 1986-12-16 The De La Rue Company Plc Prepayment metering system
US4630201A (en) 1984-02-14 1986-12-16 International Security Note & Computer Corporation On-line and off-line transaction security system using a code generated from a transaction parameter and a random number
USRE33571E (en) 1984-07-31 1991-04-16 Hitachi, Ltd. System and method for automatic transaction
US4652698A (en) 1984-08-13 1987-03-24 Ncr Corporation Method and system for providing system security in a remote terminal environment
US4679236A (en) 1984-12-21 1987-07-07 Davies Richard E Identification verification method and system
US4661658A (en) 1985-02-12 1987-04-28 International Business Machines Corporation Offline PIN validation with DES
US4700055A (en) 1985-10-15 1987-10-13 Kashkashian Jr Arsen Multiple credit card system
US4725719A (en) 1986-07-21 1988-02-16 First City National Bank Of Austin Restricted purpose, commercial, monetary regulation method
US5319710A (en) 1986-08-22 1994-06-07 Tandem Computers Incorporated Method and means for combining and managing personal verification and message authentication encrytions for network transmission
US5401950A (en) 1988-06-15 1995-03-28 Omron Tateisi Electronics Co. IC card having improved security checking function
US5239166A (en) 1989-01-17 1993-08-24 Graves Marcel A Secure data interchange system erasing a card memory upon an invalid response
US5293029A (en) 1989-01-17 1994-03-08 Kabushiki Kaisha Toshiba System for mutually certifying an IC card and an IC card terminal
US5227613A (en) 1989-01-24 1993-07-13 Matsushita Electric Industrial Co., Ltd. Secure encrypted data communication system having physically secure ic cards and session key generation based on card identifying information
US5276736A (en) 1990-01-29 1994-01-04 David Chaum Optionally moderated transaction systems
US5225664A (en) 1990-01-30 1993-07-06 Kabushiki Kaisha Toshiba Mutual authentication system
US5379344A (en) 1990-04-27 1995-01-03 Scandic International Pty. Ltd. Smart card validation device and method
US5285200A (en) 1990-11-29 1994-02-08 Kabushiki Kaisha Toshiba Portable electronic device and a method for processing data therefore
US5247578A (en) 1991-01-22 1993-09-21 France Telecom Etablissement Autonome De Droit Public (Centre National D'etudes Des Telecommunications) Process for exchange of rights between microprocessor cards
US5428684A (en) 1991-09-30 1995-06-27 Fujitsu Limited Electronic cashless transaction system
US5355413A (en) 1992-03-06 1994-10-11 Mitsubishi Denki Kabushiki Kaisha Authentication method performed between IC card and terminal unit and system therefor
US5347580A (en) 1992-04-23 1994-09-13 International Business Machines Corporation Authentication method and system with a smartcard
US5323465A (en) 1992-06-10 1994-06-21 Racal-Datacom Limited Access control
US5402490A (en) 1992-09-01 1995-03-28 Motorola, Inc. Process for improving public key authentication
US5493613A (en) 1992-09-11 1996-02-20 International Verifact Inc. Combination pin pad and terminal
US5502765A (en) 1992-09-18 1996-03-26 Nippon Telegraph And Telephone Corporation Method and apparatus for settlement of accounts by IC cards
US5446796A (en) 1992-09-18 1995-08-29 Nippon Telegraph And Telephone Corporation Method and apparatus for settlement of accounts by IC cards
US5396558A (en) 1992-09-18 1995-03-07 Nippon Telegraph And Telephone Corporation Method and apparatus for settlement of accounts by IC cards
US5412726A (en) 1992-09-21 1995-05-02 Telecom Etablissement autonome de droit public and la Poste-Etablissement autonome de droit public Telecommunication installation with secure remote loading of prepayment means and corresponding remote loading process
US5293424A (en) 1992-10-14 1994-03-08 Bull Hn Information Systems Inc. Secure memory card
US5337358A (en) 1992-11-20 1994-08-09 Pitney Bowes Inc. Apparatus for recording a transaction including authenticating an identification card
US5317636A (en) 1992-12-09 1994-05-31 Arris, Inc. Method and apparatus for securing credit card transactions
US5341426A (en) 1992-12-15 1994-08-23 Motorola, Inc. Cryptographic key management apparatus and method
US5371797A (en) 1993-01-19 1994-12-06 Bellsouth Corporation Secure electronic funds transfer from telephone or unsecured terminal
US5602915A (en) 1993-02-25 1997-02-11 France Telecom Establissement Autonome De Droit Public Process for the control of secret keys between two smart cards
US5299263A (en) 1993-03-04 1994-03-29 Bell Communications Research, Inc. Two-way public key authentication and key agreement for low-cost terminals
US5422953A (en) 1993-05-05 1995-06-06 Fischer; Addison M. Personal date/time notary device
US5473689A (en) 1993-05-25 1995-12-05 Siemens Aktiengesellschaft Method for authentication between two electronic devices
US5375169A (en) 1993-05-28 1994-12-20 Tecsec, Incorporated Cryptographic key management method and apparatus
US5475763A (en) 1993-07-01 1995-12-12 Digital Equipment Corp., Patent Law Group Method of deriving a per-message signature for a DSS or El Gamal encryption system
US5440635A (en) 1993-08-23 1995-08-08 At&T Corp. Cryptographic protocol for remote authentication
US5343529A (en) 1993-09-28 1994-08-30 Milton Goldfine Transaction authentication using a centrally generated transaction identifier
US5481611A (en) 1993-12-09 1996-01-02 Gte Laboratories Incorporated Method and apparatus for entity authentication
US5420926A (en) 1994-01-05 1995-05-30 At&T Corp. Anonymous credit card transactions
US5434919A (en) 1994-01-11 1995-07-18 Chaum; David Compact endorsement signature systems
US5461217A (en) 1994-02-08 1995-10-24 At&T Ipm Corp. Secure money transfer techniques using smart cards
US5604803A (en) 1994-06-03 1997-02-18 Sun Microsystems, Inc. Method and apparatus for secure remote authentication in a public network
US5778071A (en) * 1994-07-12 1998-07-07 Information Resource Engineering, Inc. Pocket encrypting and authenticating communications device
US5559887A (en) 1994-09-30 1996-09-24 Electronic Payment Service Collection of value from stored value systems
US5602917A (en) 1994-12-30 1997-02-11 Lucent Technologies Inc. Method for secure session key generation
US5604801A (en) 1995-02-03 1997-02-18 International Business Machines Corporation Public key data communications system under control of a portable security device
US5706349A (en) 1995-03-06 1998-01-06 International Business Machines Corporation Authenticating remote users in a distributed environment
US5754656A (en) 1995-08-04 1998-05-19 Hitachi, Ltd. Electronic shopping method, electronic shopping system and document authenticating method relating thereto
US5721781A (en) 1995-09-13 1998-02-24 Microsoft Corporation Authentication system and method for smart card transactions
US5742756A (en) 1996-02-12 1998-04-21 Microsoft Corporation System and method of using smart cards to perform security-critical operations requiring user authorization
US5604804A (en) 1996-04-23 1997-02-18 Micali; Silvio Method for certifying public keys in a digital signature scheme
US5610982A (en) 1996-05-15 1997-03-11 Micali; Silvio Compact certification with threshold signatures
US5862223A (en) * 1996-07-24 1999-01-19 Walker Asset Management Limited Partnership Method and apparatus for a cryptographically-assisted commercial network system designed to facilitate and support expert-based commerce
US5892900A (en) * 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
WO1998040982A1 (en) * 1997-03-12 1998-09-17 Visa International Secure electronic commerce employing integrated circuit cards

Cited By (225)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7991694B2 (en) * 1997-08-13 2011-08-02 Matsushita Electric Industrial Co., Ltd. Mobile electronic commerce system
US20090125429A1 (en) * 1997-08-13 2009-05-14 Matsushita Electric Industrial Co., Ltd. Mobile electronic commerce system
US20080022146A1 (en) * 1998-01-02 2008-01-24 Kocher Paul C Differential power analysis
US20030028771A1 (en) * 1998-01-02 2003-02-06 Cryptography Research, Inc. Leak-resistant cryptographic payment smartcard
US9419790B2 (en) 1998-01-02 2016-08-16 Cryptography Research, Inc. Differential power analysis—resistant cryptographic processing
US8879724B2 (en) 1998-01-02 2014-11-04 Rambus Inc. Differential power analysis—resistant cryptographic processing
US20010053220A1 (en) * 1998-06-03 2001-12-20 Cryptography Research, Inc. Cryptographic computation using masking to prevent differential power analysis and other attacks
US7668310B2 (en) 1998-06-03 2010-02-23 Cryptography Research, Inc. Cryptographic computation using masking to prevent differential power analysis and other attacks
US7787620B2 (en) 1998-06-03 2010-08-31 Cryptography Research, Inc. Prevention of side channel attacks against block cipher implementations and other cryptographic systems
US7941666B2 (en) * 1998-07-02 2011-05-10 Cryptography Research, Inc. Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks
US9852572B2 (en) 1998-07-02 2017-12-26 Cryptography Research, Inc. Cryptographic token with leak-resistant key derivation
US20030188158A1 (en) * 1998-07-02 2003-10-02 Kocher Paul C. Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks
US8261056B2 (en) * 1998-07-22 2012-09-04 Panasonic Corporation Digital data recording apparatus, digital data recording method, and computer-readable recording medium
US20100313010A1 (en) * 1998-07-22 2010-12-09 Kenji Tagawa Digital data recording apparatus, digital data recording method, and computer-readable recording medium
US6549912B1 (en) * 1998-09-23 2003-04-15 Visa International Service Association Loyalty file structure for smart card
US7114075B1 (en) * 1999-07-12 2006-09-26 Fujitsu Limited User authentication apparatus, method of user authentication, and storage medium therefor
US7249093B1 (en) * 1999-09-07 2007-07-24 Rysix Holdings, Llc Method of and system for making purchases over a computer network
US20080097925A1 (en) * 1999-09-07 2008-04-24 King Douglas W Method of and system for authorizing purchases made over a computer network
US7318048B1 (en) * 1999-09-07 2008-01-08 Rysix Holdings Llc Method of and system for authorizing purchases made over a computer network
US10127535B2 (en) 1999-09-07 2018-11-13 Mastercard International Incorporated Method of and system for authorizing purchases made over a computer network
US9189777B1 (en) * 1999-09-20 2015-11-17 Security First Corporation Electronic commerce with cryptographic authentication
US9864993B2 (en) 2000-04-24 2018-01-09 Visa International Service Association Account authentication service with chip card
US8271395B2 (en) 2000-04-24 2012-09-18 Visa International Service Association Online account authentication service
US20080301056A1 (en) * 2000-04-24 2008-12-04 Weller Kevin D Online payer authentication service
US7991701B2 (en) 2000-04-24 2011-08-02 Visa International Service Association Online payer authentication service
US20100057619A1 (en) * 2000-04-24 2010-03-04 Visa International Service Association Account authentication service with chip card
US20100332393A1 (en) * 2000-04-24 2010-12-30 Visa International Service Association Online payer authentication service
US10572875B2 (en) 2000-04-24 2020-02-25 Visa International Service Association Online account authentication service
US20020111919A1 (en) * 2000-04-24 2002-08-15 Visa International Service Association Online payer authentication service
US7827115B2 (en) 2000-04-24 2010-11-02 Visa International Service Association Online payer authentication service
US7058611B2 (en) * 2000-07-10 2006-06-06 Mastercard International Incorporated Method and system for conducting secure electronic commerce transactions with authorization request data loop-back
US20020128973A1 (en) * 2000-07-10 2002-09-12 Kranzley Arthur D. Method and system for conducting secure electronic commerce transactions with authorization request data loop-back
US20020016765A1 (en) * 2000-07-11 2002-02-07 David Sacks System and method for third-party payment processing
WO2002069085A2 (en) * 2001-02-21 2002-09-06 Citibank, N.A. Method and system for electronic commerce using a mobile communication system
WO2002069085A3 (en) * 2001-02-21 2004-04-29 Citibank Na Method and system for electronic commerce using a mobile communication system
US8090663B1 (en) * 2001-04-23 2012-01-03 Diebold, Incorporated Automated banking machine system and method
WO2003009246A3 (en) * 2001-07-20 2003-07-31 Fleet Credit Card Services Llp Third party card validation over network for ecommerce
WO2003009246A2 (en) * 2001-07-20 2003-01-30 Fleet Credit Card Services, Llp. Third party card validation over network for ecommerce
US8078725B2 (en) 2001-08-02 2011-12-13 Safenet, Inc. Method and system for secure distribution and utilization of data over a network
US8055769B2 (en) 2001-08-02 2011-11-08 Safenet, Inc. Method and system for secure distribution and utilization of data over a network
US20080092220A1 (en) * 2001-08-02 2008-04-17 Safenet, Inc. Method and system for secure distribution and utilization of data over a network
US20080098223A1 (en) * 2001-08-02 2008-04-24 Safenet, Inc. Method and system for secure distribution and utilization of data over a network
US20030051146A1 (en) * 2001-09-11 2003-03-13 Akihiro Ebina Security realizing system in network
EP1310923A3 (en) * 2001-09-17 2004-04-07 Kabushiki Kaisha Toshiba Public key infrastructure (PKI) based system, method, device and program
US20030056099A1 (en) * 2001-09-17 2003-03-20 Toshiyuki Asanoma Public key infrastructure (PKI) based system, method, device and program
US20030233318A1 (en) * 2001-11-26 2003-12-18 King Douglas W. Systems and methods for fund transfers
FR2834842A1 (en) * 2002-01-16 2003-07-18 Iteon Terminal transaction authentication having card asymmetric encryption algorithm generating cryptogram and authentication exchanging information card/terminal with supplementary algorithm generating secret specification
US20050067485A1 (en) * 2002-01-17 2005-03-31 Michel Caron Apparatus and method of identifying the user thereof by means of a variable identification code
US8909557B2 (en) 2002-02-28 2014-12-09 Mastercard International Incorporated Authentication arrangement and method for use with financial transaction
US10395462B2 (en) * 2002-02-28 2019-08-27 Mastercard International Incorporated Authentication arrangement and method for use with financial transactions
WO2003073389A2 (en) * 2002-02-28 2003-09-04 Mastercard Europe Sprl Authentication arrangement and method for use with financial transactions
US20110022521A1 (en) * 2002-02-28 2011-01-27 Mehdi Collinge Authentication arrangement and method for use with financial transaction
EP1850297A2 (en) 2002-02-28 2007-10-31 Mastercard Europe SPRL Authentication arrangement and method for use with financial transactions
WO2003073389A3 (en) * 2002-02-28 2003-12-18 Mastercard Europ Sprl Authentication arrangement and method for use with financial transactions
EP2309465A1 (en) * 2002-02-28 2011-04-13 Mastercard Europe SPRL Authentication arrangement and method for use with financial transactions
EP1850297A3 (en) * 2002-02-28 2008-03-05 Mastercard Europe SPRL Authentication arrangement and method for use with financial transactions
EP1865471A3 (en) * 2002-02-28 2008-03-05 Mastercard Europe SPRL Authentication arrangement and method for use with financial transactions
EP1865471A2 (en) * 2002-02-28 2007-12-12 Mastercard Europe SPRL Authentication arrangement and method for use with financial transactions
US20050119978A1 (en) * 2002-02-28 2005-06-02 Fikret Ates Authentication arrangement and method for use with financial transactions
US7475248B2 (en) 2002-04-29 2009-01-06 International Business Machines Corporation Enhanced message security
US20040034782A1 (en) * 2002-08-11 2004-02-19 Park Jung Woong Card equipped with secret number input keys and the method of activating the same
US8019691B2 (en) 2002-09-10 2011-09-13 Visa International Service Association Profile and identity authentication service
US10672215B2 (en) 2002-09-10 2020-06-02 Visa International Service Association Data authentication and provisioning method and system
US20040059688A1 (en) * 2002-09-10 2004-03-25 Visa International Service Association Data authentication and provisioning method and system
US10679453B2 (en) 2002-09-10 2020-06-09 Visa International Service Association Data authentication and provisioning method and system
US20040128256A1 (en) * 2002-12-04 2004-07-01 Krouse Wayne F. Remote location credit card transaction system with card present security system
US20040181531A1 (en) * 2003-03-12 2004-09-16 Clark Becker Speed pass system
US20100217999A1 (en) * 2003-03-31 2010-08-26 Seaton Jr Robert W Method and system for secure authentication
US20050036611A1 (en) * 2003-03-31 2005-02-17 Visa U.S.A., Inc. Method and system for secure authentication
US20090012810A1 (en) * 2003-03-31 2009-01-08 Koninklijke Kpn N.V. Method for using an electromagnetic scratchcard to provide services
US8359474B2 (en) 2003-03-31 2013-01-22 Visa U.S.A. Inc. Method and system for secure authentication
US7702916B2 (en) 2003-03-31 2010-04-20 Visa U.S.A. Inc. Method and system for secure authentication
US20040220876A1 (en) * 2003-05-02 2004-11-04 Liu David J. Systems and methods for services over a financial transaction platform
US9514458B2 (en) 2003-06-04 2016-12-06 Mastercard International Incorporated Customer authentication in E-commerce transactions
EP1646976A2 (en) * 2003-06-04 2006-04-19 Mastercard International, Inc. Customer authentication in e-commerce transactions
US20080154770A1 (en) * 2003-06-04 2008-06-26 Bruce Rutherford Customer Authentication In E-Commerce Transactions
EP1646976A4 (en) * 2003-06-04 2008-02-27 Mastercard International Inc Customer authentication in e-commerce transactions
US20040268127A1 (en) * 2003-06-17 2004-12-30 Sahota Jagdeep Singh Method and systems for securely exchanging data in an electronic transaction
US7654451B2 (en) 2003-09-03 2010-02-02 Visa U.S.A. Inc. Method, system and portable consumer device using wildcard values
US7900831B2 (en) 2003-09-03 2011-03-08 Visa U.S.A. Inc. Method and system using wildcard values
US8141777B2 (en) 2003-09-03 2012-03-27 Visa U.S.A. Inc. Method and system using wildcard values
US8260661B2 (en) 2003-09-30 2012-09-04 Visa U.S.A. Inc. System and apparatus for linking multiple rewards programs to promote the purchase of specific product mixes
US20050071225A1 (en) * 2003-09-30 2005-03-31 Visa U.S.A., Inc. System and apparatus for linking multiple rewards programs to promote the purchase of specific product mixes
US8571926B2 (en) 2003-09-30 2013-10-29 Visa U.S.A. Inc. System and apparatus for linking multiple rewards programs to promote the purchase of specific product mixes
US8788329B2 (en) 2003-09-30 2014-07-22 Visa U.S.A. Inc. System and apparatus for linking multiple rewards programs to promote the purchase of specific product mixes
US20050108104A1 (en) * 2003-11-14 2005-05-19 Katherine Woo Integrating third party shopping cart applications with an online payment service
EP1738515A1 (en) * 2004-04-16 2007-01-03 First Data Corporation Methods and systems for online transaction processing
EP1738515A4 (en) * 2004-04-16 2011-10-26 First Data Corp Methods and systems for online transaction processing
US20070288744A1 (en) * 2004-04-26 2007-12-13 Huawei Technologies Co., Ltd. Method of Secure Communication Between Endpoints
US7934088B2 (en) * 2004-04-26 2011-04-26 Huawei Technologies Co., Ltd. Method of secure communication between endpoints
US20060059345A1 (en) * 2004-09-10 2006-03-16 International Business Machines Corporation System and method for providing dynamically authorized access to functionality present on an integrated circuit chip
US7818574B2 (en) * 2004-09-10 2010-10-19 International Business Machines Corporation System and method for providing dynamically authorized access to functionality present on an integrated circuit chip
US20070168527A1 (en) * 2005-02-04 2007-07-19 Huawei Technologies Co., Ltd. Method and system for distributing session key across gatekeeper zones in a direct-routing mode
US7983280B2 (en) * 2005-02-04 2011-07-19 Huawei Technologies Co., Ltd. Method and system for distributing session key across gatekeeper zones in a direct-routing mode
US8427317B2 (en) 2005-06-24 2013-04-23 Visa U.S.A. Apparatus and method to electromagnetically shield portable consumer devices
US20060290501A1 (en) * 2005-06-24 2006-12-28 Visa U.S.A., Inc. Apparatus and method to electromagnetically shield portable consumer devices
US7482925B2 (en) 2005-06-24 2009-01-27 Visa U.S.A. Apparatus and method to electromagnetically shield portable consumer devices
US20090088229A1 (en) * 2005-06-24 2009-04-02 Ayman Hammad Apparatus and method to electromagnetically shield portable consumer devices
US20090146814A1 (en) * 2005-06-24 2009-06-11 Ayman Hammad Apparatus and method to electromagnetically shield portable consumer devices
US9704087B2 (en) 2005-06-24 2017-07-11 Visa Usa Inc. Apparatus and method to electromagnetically shield portable consumer devices
US20070055597A1 (en) * 2005-09-08 2007-03-08 Visa U.S.A. Method and system for manipulating purchase information
EP2711889A3 (en) * 2005-09-28 2014-04-30 Visa International Service Association Device, system and method for reducing an interaction time for a contactless transaction
US8770476B2 (en) 2005-09-28 2014-07-08 Visa International Service Association Device, system and method for reducing an interaction time for a contactless transaction
EP1934935A4 (en) * 2005-09-28 2011-03-02 Visa Int Service Ass Device, system and method for reducing an interaction time for a contactless transaction
US20100270374A1 (en) * 2005-09-28 2010-10-28 Trudy Hill Device, system and method for reducing an interaction time for a contactless transaction
US9613354B2 (en) 2005-09-28 2017-04-04 Visa International Service Association Device, system and method for reducing an interaction time for a contactless transaction
US10043177B2 (en) 2005-09-28 2018-08-07 Visa International Service Association Device, system and method for reducing an interaction time for a contactless transaction
EP1934935A2 (en) * 2005-09-28 2008-06-25 Visa International Service Association Device, system and method for reducing an interaction time for a contactless transaction
US9330386B2 (en) 2005-09-28 2016-05-03 Visa International Service Association Device, system and method for reducing an interaction time for a contactless transaction
US20080120214A1 (en) * 2006-11-16 2008-05-22 Kim Steele Adaptive authentication options
US9940621B2 (en) 2006-11-16 2018-04-10 Visa U.S.A. Inc. Method and system using candidate dynamic data elements
US10346837B2 (en) 2006-11-16 2019-07-09 Visa U.S.A. Inc. Adaptive authentication options
US20080120236A1 (en) * 2006-11-16 2008-05-22 Patrick Faith Dynamic magnetic stripe
US8504451B2 (en) 2006-11-16 2013-08-06 Visa U.S.A. Inc. Method and system using candidate dynamic data elements
US10748147B2 (en) 2006-11-16 2020-08-18 Visa U.S.A. Inc. Adaptive authentication options
US8645971B2 (en) 2006-12-26 2014-02-04 Visa U.S.A. Inc. Real-time balance updates
US8903734B2 (en) 2006-12-26 2014-12-02 Visa U.S.A. Inc. Coupon offers from multiple entities
US9940627B2 (en) 2006-12-26 2018-04-10 Visa U.S.A. Inc. Mobile coupon method and system
US8615426B2 (en) 2006-12-26 2013-12-24 Visa U.S.A. Inc. Coupon offers from multiple entities
US10057085B2 (en) 2007-01-09 2018-08-21 Visa U.S.A. Inc. Contactless transaction
US11195166B2 (en) 2007-01-09 2021-12-07 Visa U.S.A. Inc. Mobile payment management
US10387868B2 (en) 2007-01-09 2019-08-20 Visa U.S.A. Inc. Mobile payment management
US8923827B2 (en) 2007-01-09 2014-12-30 Visa U.S.A. Inc. Mobile payment management
US8931691B2 (en) 2007-02-15 2015-01-13 Visa U.S.A. Inc. Dynamic payment device characteristics
US20080197201A1 (en) * 2007-02-15 2008-08-21 Thomas Manessis Dynamic payment device characteristics
US20110186626A1 (en) * 2007-02-15 2011-08-04 Thomas Manessis Dynamic payment device characteristics
US7866551B2 (en) 2007-02-15 2011-01-11 Visa U.S.A. Inc. Dynamic payment device characteristics
US8505826B2 (en) 2007-04-16 2013-08-13 Visa U.S.A. Anti-interrogation for portable device
US20080256642A1 (en) * 2007-04-16 2008-10-16 John Hachey Anti-Interrogation For Portable Device
US20080300895A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Method and system for handling returned payment card account statements
US8788382B2 (en) 2007-06-04 2014-07-22 Visa U.S.A. Inc. Systems and methods for automatic migration of a consumer between financial accounts
US8290832B2 (en) 2007-06-04 2012-10-16 Visa U.S.A. Inc. Method and system for handling returned prepaid payment cards
US20100070424A1 (en) * 2007-06-04 2010-03-18 Monk Justin T System, apparatus and methods for comparing fraud parameters for application during prepaid card enrollment and transactions
US20080301011A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Method and system for handling returned prepaid payment cards
US7809637B2 (en) 2007-06-04 2010-10-05 Visa U.S.A. Inc. Portability of financial tokens
US8165938B2 (en) 2007-06-04 2012-04-24 Visa U.S.A. Inc. Prepaid card fraud and risk management
US8589285B2 (en) 2007-06-04 2013-11-19 Visa U.S.A. Inc. System, apparatus and methods for comparing fraud parameters for application during prepaid card enrollment and transactions
US7627522B2 (en) 2007-06-04 2009-12-01 Visa U.S.A. Inc. System, apparatus and methods for comparing fraud parameters for application during prepaid card enrollment and transactions
US7860790B2 (en) 2007-06-04 2010-12-28 Visa U.S.A. Inc. Systems and methods for automatic migration of a consumer between financial accounts
US8146806B2 (en) 2007-06-04 2012-04-03 Visa U.S.A. Inc. Prepaid negative balance fee processing and fee diversion
US20100332382A1 (en) * 2007-06-04 2010-12-30 Monk Justin T Portability of financial tokens
US20080298573A1 (en) * 2007-06-04 2008-12-04 Monk Justin T System, apparatus and methods for comparing fraud parameters for application during prepaid card enrollment and transactions
US20110125634A1 (en) * 2007-06-04 2011-05-26 Monk Justin T Systems and methods for automatic migration of a consumer between financial accounts
US20080301037A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Systems and methods for automatic migration of a consumer between financial accounts
US20080301019A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Prepaid card fraud and risk management
US20080298569A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Prepaid negative balance fee processing and fee diversion
US20080301048A1 (en) * 2007-06-04 2008-12-04 Monk Justin T Portability of financial tokens
US20080303632A1 (en) * 2007-06-11 2008-12-11 Ayman Hammad Shielding of portable consumer device
US8604995B2 (en) 2007-06-11 2013-12-10 Visa U.S.A. Inc. Shielding of portable consumer device
US9727887B2 (en) 2007-07-23 2017-08-08 Visa U.S.A. Inc. Multi-vendor multi-loyalty currency program
US10789607B2 (en) 2007-07-23 2020-09-29 Visa U.S.A. Inc. Multi-vendor multi-loyalty currency program
US9292850B2 (en) 2007-09-10 2016-03-22 Visa U.S.A. Inc. Host capture
US11023892B2 (en) 2007-09-10 2021-06-01 Visa U.S.A. Inc. Host capture
US20090070171A1 (en) * 2007-09-10 2009-03-12 Barbara Patterson Host capture
US8452257B2 (en) 2007-09-26 2013-05-28 Visa U.S.A., Inc Real-time balance on a mobile phone
US8170527B2 (en) 2007-09-26 2012-05-01 Visa U.S.A. Inc. Real-time balance on a mobile phone
US10163100B2 (en) 2007-10-25 2018-12-25 Visa International Service Association Location based authentication
US10755271B2 (en) 2007-10-25 2020-08-25 Visa U.S.A. Inc. Location based authentication
US9721250B2 (en) 2007-10-25 2017-08-01 Visa U.S.A. Inc. Location based authentication
US8038068B2 (en) 2007-11-28 2011-10-18 Visa U.S.A. Inc. Multifunction removable cover for portable payment device
US20090134218A1 (en) * 2007-11-28 2009-05-28 Ryan Yuzon Multifunction removable cover for portable payment device
US8950680B2 (en) 2007-11-28 2015-02-10 Visa U.S.A. Inc. Multifunction removable cover for portable payment device
US20100027786A1 (en) * 2008-02-14 2010-02-04 Patrick Faith Dynamic encryption authentication
US10304127B2 (en) 2008-05-09 2019-05-28 Visa International Service Association Communication device including multi-part alias identifier
US9715709B2 (en) 2008-05-09 2017-07-25 Visa International Services Association Communication device including multi-part alias identifier
US10008067B2 (en) 2008-06-16 2018-06-26 Visa U.S.A. Inc. System and method for authorizing financial transactions with online merchants
US10803692B2 (en) 2008-06-16 2020-10-13 Visa U.S.A. Inc. System and method for authorizing financial transactions with online merchants
US10430818B2 (en) 2008-06-26 2019-10-01 Visa International Service Association Systems and methods for visual representation of offers
US8707319B2 (en) 2008-06-26 2014-04-22 Visa International Service Association Resource location verification by comparing and updating resource location with a location of a consumer device after a threshold of location mismatches is exceeded
US10943248B2 (en) 2008-06-26 2021-03-09 Visa International Service Association Systems and methods for providing offers
US9542687B2 (en) 2008-06-26 2017-01-10 Visa International Service Association Systems and methods for visual representation of offers
US20090328052A1 (en) * 2008-06-26 2009-12-31 Loc Duc Nguyen Resource locator verification method and apparatus
US20090327135A1 (en) * 2008-06-26 2009-12-31 Loc Duc Nguyen Credit card paired with location identifiable device for point of service fraud detection
US20100030688A1 (en) * 2008-07-29 2010-02-04 Barbara Elizabeth Patterson Transaction processing using a global unique identifier
US9183555B2 (en) 2008-07-29 2015-11-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US9530131B2 (en) 2008-07-29 2016-12-27 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US11030608B2 (en) 2008-09-22 2021-06-08 Visa International Service Association Recordation of electronic payment transaction information
US20100217709A1 (en) * 2008-09-22 2010-08-26 Christian Aabye Apparatus and method for preventing unauthorized access to payment application installed in contactless payment device
US9824355B2 (en) 2008-09-22 2017-11-21 Visa International Service Association Method of performing transactions with contactless payment devices using pre-tap and two-tap operations
US11232427B2 (en) 2008-09-22 2022-01-25 Visa International Service Association Method of performing transactions with contactless payment devices using pre-tap and two-tap operations
US11315099B2 (en) 2008-09-22 2022-04-26 Visa International Service Association Over the air update of payment transaction data stored in secure memory
US11501274B2 (en) 2008-09-22 2022-11-15 Visa International Service Association Over the air update of payment transaction data stored in secure memory
US8977567B2 (en) 2008-09-22 2015-03-10 Visa International Service Association Recordation of electronic payment transaction information
US10332094B2 (en) 2008-09-22 2019-06-25 Visa International Service Association Recordation of electronic payment transaction information
US10037523B2 (en) 2008-09-22 2018-07-31 Visa International Service Association Over the air update of payment transaction data stored in secure memory
US10769614B2 (en) 2008-09-22 2020-09-08 Visa International Service Association Over the air update of payment transaction data stored in secure memory
US10706402B2 (en) 2008-09-22 2020-07-07 Visa International Service Association Over the air update of payment transaction data stored in secure memory
US12086777B2 (en) 2008-09-22 2024-09-10 Visa International Service Association Method of performing transactions with contactless payment devices using pre-tap and two-tap operations
US9672508B2 (en) 2008-09-22 2017-06-06 Visa International Service Association Over the air update of payment transaction data stored in secure memory
US8612305B2 (en) 2008-10-31 2013-12-17 Visa International Service Association User enhanced authentication system for online purchases
US10963932B2 (en) 2008-10-31 2021-03-30 Visa International Service Association User enhanced authentication system for online purchases
US20100114740A1 (en) * 2008-10-31 2010-05-06 Ben Dominguez User enhanced authentication system for online purchases
US10896452B2 (en) 2008-10-31 2021-01-19 Visa International Service Association User enhanced authentication system for online purchases
US9996864B2 (en) 2008-10-31 2018-06-12 Visa International Service Association User enhanced authentication system for online purchases
US8702007B2 (en) 2009-01-07 2014-04-22 Powered Card Solutions, Llc On card display of data from secured chip
US9798965B2 (en) 2009-01-07 2017-10-24 Powered Card Solutions, Llc On card display of data from secured chip
US20100179909A1 (en) * 2009-01-14 2010-07-15 Jubin Dana User defined udk
US20100312703A1 (en) * 2009-06-03 2010-12-09 Ashish Kulpati System and method for providing authentication for card not present transactions using mobile device
US20110082757A1 (en) * 2009-06-06 2011-04-07 Bullock Roddy Mckee Method for making money on internet news sites and blogs
US8103553B2 (en) 2009-06-06 2012-01-24 Bullock Roddy Mckee Method for making money on internet news sites and blogs
US20100312702A1 (en) * 2009-06-06 2010-12-09 Bullock Roddy M System and method for making money by facilitating easy online payment
US8065193B2 (en) 2009-06-06 2011-11-22 Bullock Roddy Mckee Method for making money on the internet
US20100332337A1 (en) * 2009-06-25 2010-12-30 Bullock Roddy Mckee Universal one-click online payment method and system
US20110137748A1 (en) * 2009-12-09 2011-06-09 Yigal Baher Systems and Methods for Virtual Credit Card Transactions
US10218687B2 (en) 2011-09-30 2019-02-26 Paypal, Inc. Differential client-side encryption of information originating from a client
US20130091351A1 (en) * 2011-09-30 2013-04-11 Braintree Payment Solutions, Llc Differential client-side encryption of information originating from a client
US20190260723A1 (en) * 2011-09-30 2019-08-22 Paypal, Inc. Differential client-side encryption of information originating from a client
US8631230B2 (en) * 2011-09-30 2014-01-14 Braintree Payment Solutions, Llc Differential client-side encryption of information originating from a client
US8631229B2 (en) * 2011-09-30 2014-01-14 Braintree Payment Solutions, Llc Differential client-side encryption of information originating from a client
US9391963B2 (en) 2011-09-30 2016-07-12 Paypal, Inc. Differential client-side encryption of information originating from a client
US10581818B2 (en) * 2011-09-30 2020-03-03 Paypal, Inc. Differential client-side encryption of information originating from a client
US9742747B2 (en) 2011-09-30 2017-08-22 Paypal, Inc. Differential client-side encryption of information originating from a client
US9009462B2 (en) 2011-09-30 2015-04-14 Ebay Inc. Differential client-side encryption of information originating from a client
US11477180B2 (en) 2011-09-30 2022-10-18 Paypal, Inc. Differential client-side encryption of information originating from a client
US9460436B2 (en) 2012-03-16 2016-10-04 Visa International Service Association Systems and methods to apply the benefit of offers via a transaction handler
US10339553B2 (en) 2012-03-16 2019-07-02 Visa International Service Association Systems and methods to apply the benefit of offers via a transaction handler
US11640621B2 (en) 2013-10-24 2023-05-02 Visa International Service Association Systems and methods to provide a user interface for redemption of loyalty rewards
US11328315B2 (en) 2013-10-24 2022-05-10 Visa International Service Association Systems and methods to provide a user interface for redemption of loyalty rewards
US9990646B2 (en) 2013-10-24 2018-06-05 Visa International Service Association Systems and methods to provide a user interface for redemption of loyalty rewards
US20160314469A1 (en) * 2013-12-31 2016-10-27 Feitian Technologies Co., Ltd. Method for generating off-line authentication credentials by intelligent card
US10540656B2 (en) 2014-03-13 2020-01-21 Visa International Service Association Communication protocols for processing an authorization request in a distributed computing system
US9672516B2 (en) 2014-03-13 2017-06-06 Visa International Service Association Communication protocols for processing an authorization request in a distributed computing system
US10275770B2 (en) 2014-03-13 2019-04-30 Visa International Service Association Communication protocols for processing an authorization request in a distributed computing system
US12137083B2 (en) 2022-10-17 2024-11-05 Paypal, Inc. Differential client-side encryption of information originating from a client

Also Published As

Publication number Publication date
AU6758898A (en) 1998-09-29
WO1998040982A1 (en) 1998-09-17

Similar Documents

Publication Publication Date Title
US6247129B1 (en) Secure electronic commerce employing integrated circuit cards
WO1998040982A9 (en) Secure electronic commerce employing integrated circuit cards
AU2001243658B2 (en) Method and system for secure payments over a computer network
CA2306865C (en) Digitally certifying a user identity and a computer system in combination
US7379919B2 (en) Method and system for conducting secure payments over a computer network
KR100349779B1 (en) Four-party credit/debit payment protocol
US20100153273A1 (en) Systems for performing transactions at a point-of-sale terminal using mutating identifiers
US20040059686A1 (en) On-line cryptographically based payment authorization method and apparatus
AU2001243658A1 (en) Method and system for secure payments over a computer network
WO2003065164A2 (en) System and method for conducting secure payment transaction
CA2406375C (en) An improved method and system for conducting secure payments over a computer network
AU2001257019A1 (en) An improved method and system for conducting secure payments over a computer network
US20090037340A1 (en) Digital certification method and apparatus
US20130132726A1 (en) Digital certification method and apparatus
JP3497936B2 (en) Personal authentication method
AU2002254513B8 (en) System and method for conducting secure payment transactions
JP4903346B2 (en) Improved method and system for processing secure payments across computer networks without pseudo or proxy account numbers
AU2007216920B2 (en) An improved method and system for conducting secure payments over a computer network
AU2012201255B2 (en) An improved method and system for conducting secure payments over a computer network
EP1921579A2 (en) An improved method and system for conducting secure payments over a computer network
ZA200208248B (en) An improved method and system for conducting secure payments over a computer network.
WO2002103642A2 (en) Method and system for secure credit card transactions
ZA200307558B (en) System and method for conducting secure payment transactions.

Legal Events

Date Code Title Description
AS Assignment

Owner name: VISA INTERNATIONAL SERVICE ASSOCIATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KEATHLEY, KIMBERLY ANN;CHEN, ANN-PIN;MCCUSKER, NANCY;REEL/FRAME:009344/0549;SIGNING DATES FROM 19980615 TO 19980622

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

FPAY Fee payment

Year of fee payment: 12